index<--

PHP Web Forms

HTML Form

Let’s review some useful "tags" that you should have learned in "HTML+CSS" class.

Form tag: <form>

Create a form and specify how the form is handled using attributes,

<form action="/action_page.php" method="get">

Input tag: <input>

Create a form control, depending on attributes:

Example:

Next example is a web form that uses method "get" to send information to welcome.php script.

<html>
<body>
    <form action="welcome.php" method="get">
       <input type="text" name="name" value="Enter your name"><br>
       <input type="submit" value="Submit"><br>
    </form>
</body>
</html>

Note: Form action is called form handler and is a script that do not contains the form. It contains a program that interpret the data send by method "get" or "post" to server when you press submit button.

Action handler

The form handler is a PHP script specified by "action" attribute in a web form. Handler can use several predefined variables scaled "superglobal" variables. These variables are associative arrays, containing information about form data:

• $_SERVER 
• $_REQUEST
• $_POST
• $_GET
• $_SESSION

When user press the submit button, the browser will create a post or get message and send this message to form action handler. The server can read the date from "superglobals" and prepare a response.

Example:

A simple handler for previous example: welcome.php

<html>
<body>
   
Hello: <?php echo $_GET["name"]; ?></p>
</body>
</html>

Note: Since the form method = "get" the variable $_GET will contain a value for field "name". We can find this value using $_GET["name"] since $_GET is in fact an associative array.

Get vs Post

You can use two methods to send information from your form to the server: "get" and "post". Decision when to use one or the other it belongs to you. There are several capabilities of each that you can consider before make your decision:

The "get" method: name and value pairs are encapsulated in URL request. Input values are stored in format "?field_name=field_value" separated by "&". In our case the URL could look like this:

http://www.sagecode.pro/welcome.php?name=your%20name

Notes:

• The length of URL is limited, so it is not possible to send more than 2000 characters using this method.
• Do not use "get" method to for sending passwords or e-mail addresses.

Using "post" method: names and value pairs created by the form are embedded within the body of the HTTP request. This is more secure since the information is not visible, but it still require https: protocol to make a secure communication with the server.

Notes:

• You can use "post" to send larger form data and also you can upload files using this protocol.
• When you use "post" method, the information from your form is contained in $_POST variable.
• If you decide to use "get" than change your mind and use "post" instead you will need to refactor your server side code.

Initial Value

The web form can be created with help from PHP. That’s the secret of dynamic web-forms. Instead of making plain HTML forms, you can use a *.php script to generate the form. 

One intresting thing you can do is to put the initial value in the form fields using "value" attribute. By using a php script you can set the initial values using "<?=$variable>" so the form is not going empty. 

Example:

This form contains PHP tags to set the initial values in controls.

<form name="Test" action="" method="post">
    <input type="hidden" name="ID" value="<?=$uid?>">
    <input name="name" value="<?=$name?>">
    <br>
    <input type="submit" value="Submit">
</form>

Note: The variables you are using in the form for "values" attributes need to be loaded from a database or from $_POST global variable by name. The name of the input field becomes the key for the value in the associative array.

The End: Thanks for reading, I wish you a productive rest of the day!

Read next: Reference Manual: