search engine by freefind . . . .

Form Processing with PHP

Forms are used in HTML (web) pages to allow the user to submit information to the server. Each field in the form has a name (or key) that is unique within the form, and the data (or value) entered in that field by the user is associated with the field’s name. The field name and user-entered data for each field in the form make up a unique key-value pair. When the user clicks on the form’s Submit button, all of the form’s key-value pairs are sent to the server, where they will be processed by a server-side script. The example web page below contains a form that allows the user to enter their contact details (name, address, telephone number etc.)


<html>
<body>

<h1>Contact Details</h1>

<p>Please enter your contact details:</p>

<form action="display_contact_details.php" method="post">
  <table>
    <tr>
      <td align="right">Last name: </td>
      <td><input type="text" size="20" maxlength="15" name="lastname"></td>
    </tr>
    <tr>
      <td align="right">First name: </td>
      <td><input type="text" size="20" maxlength="15" name="firstname"></td>
    </tr>
    <tr>
      <td align="right">Address line 1: </td>
      <td><input type="text" size="60" maxlength="50" name="address01"></td>
    </tr>
    <tr>
      <td align="right">Address line 2: </td>
      <td><input type="text" size="60" maxlength="50" name="address02"></td>
    </tr>
    <tr>
      <td align="right">Town / city: </td>
      <td><input type="text" size="25" maxlength="20" name="town"></td>
    </tr>
    <tr>
      <td align="right">Post code: </td>
      <td><input type="text" size="12" maxlength="10" name="postcode"></td>
    </tr>
    <tr>
      <td align="right">Telephone: </td>
      <td><input type="text" size="20" maxlength="15" name="telephone"></td>
    </tr>
    <tr>
      <td align="right">E-mail: </td>
      <td><input type="text" size="60" maxlength="50" name="email"></td>
    </tr>
    <tr>
      <td> </td>
      <td colspan="2" align="left"><input type="submit" value="Submit"></td>
    </tr>
  </table>
</form>
</body>
</html>


Enter the code above into a text editor and save it with the filename "contact_details.html" in the "htdocs" directory of your "xampp" directory. Run the XAMPP server, then type the following URL into the browser’s address bar:


http://localhost/contact_details.html


You should see a web page that looks something like the screenshot below.


URL http://localhost/contact_details.html displays this page

URL http://localhost/contact_details.html displays this page


We must now create the simple server-side PHP script that handles the form data. The script is shown below.


<html>
  <body>

  <h1>Contact Details</h1>

  <p>The contact details you submitted are shown below:</p>

  <table>
    <tr>
      <td align="right">Last name: </td>
      <td><?php echo $_POST["lastname"]; ?></td>
    </tr>
    <tr>
      <td align="right">First name: </td>
      <td><?php echo $_POST["firstname"]; ?></td>
    </tr>
    <tr>
      <td align="right">Address line 1: </td>
      <td><?php echo $_POST["address01"]; ?></td>
    </tr>
    <tr>
      <td align="right">Address line 2: </td>
      <td><?php echo $_POST["address02"]; ?></td>
    </tr>
    <tr>
      <td align="right">Town / city: </td>
      <td><?php echo $_POST["town"]; ?></td>
    </tr>
    <tr>
      <td align="right">Post code: </td>
      <td><?php echo $_POST["postcode"]; ?></td>
    </tr>
    <tr>
      <td align="right">Telephone: </td>
      <td><?php echo $_POST["telephone"]; ?></td>
    </tr>
    <tr>
      <td align="right">E-mail: </td>
      <td><?php echo $_POST["email"]; ?></td>
    </tr>
  </table>

  </body>
</html>


Enter the code above into a text editor and save it with the filename "display_contact_details.php" in the "htdocs" directory of your "xampp" directory. Run the XAMPP server, then type the following URL into the browser’s address bar to open the web page that holds the form:


http://localhost/contact_details.html


Enter your name and contact details in the form, and click on the Submit button. The PHP script display_contact_details.php should process the form information you have submitted, and dynamically generate a web page that displays the details back to you. Typical form data, together with the resulting output from display_contact_details.php, are illustrated below.


Typical form data in contact_details.html

Typical form data in contact_details.html



The output from display_contact_details.php

The output from display_contact_details.php


PHP scripts can be used to validate user input received by the server before further processing is carried out, although in order to both reduce the workload on the server and to improve user response times, the validation of form information is usually carried out by client-side scripts before the data is submitted to the server. You may need to carry out further validation, however, if the data is going to be used by a database application on the server (for example, to check for duplicated records in the database).

The PHP methods $_GET and $_POST (used in our example) are typically used to retrieve information from forms. The $_GET function is used to retrieve key-value pairs from form data sent to the server using the HTTP GET method. Information sent using the GET method appears in the browser’s address bar as part of the URL when the form data is submitted to the server, which means it is clearly visible (not recommended if the data is of a sensitive nature). You can demonstrate the effect of using GET by changing the form’s method in contact_details.html to "get". Open the page in XAMPP again, enter some information in the form, and click on the Submit button. Although the PHP script will not display the data (since we have not re-written it to retrieve data sent with GET), you can clearly see the form data embedded in the URL in the browser’s address bar. The partial screenshot below illustrates this.


The URL submitted to the server includes the form data.

The URL submitted to the server includes the form data.


To have the PHP script display the form data as it did previously, we would need to substitute the $_POST method with $_GET wherever it appears in the script. The full URL would look something like the one shown below:


http://localhost/display_contact_details.php? lastname=Wells& firstname=Chris&address01=Narzissenweg+4&address02=&town=Hamburg&postcode=22047&telephone=040+12345678&email=cwells%40technologyuk.net


The $_POST function is used to retrieve key-value pairs from form data sent to the server using the HTTP POST method. The information sent to the server does not form part of the URL, and there are almost no limitations on the amount of data that can be sent using this method (unlike the HTTP GET method). The POST method is preferred if sensitive data is being submitted, or if the user request will result in changes being made (e.g. to a database record) on the server. The only real disadvantage of this method is that the page generated as a result of the request cannot be bookmarked, because the URL does not contain the data used to create the page contents. The PHP $_REQUEST method can be used to retrieve the key-value pairs for form data sent using either the GET method or the POST method.