Lesson 5

PHP Form
Handling

1
 Lesson Learning
Outcomes
• At the end of this Topic, the learner should be
able to:
i. Write PHP code that uses the GET method to
submit data
ii. Write PHP code that uses the POST method to
submit data
iii. Compare the attributes of both the GET and the
POST methods
iv. Posting data using $_SERVER["PHP_SELF"] variable
v. Validate an HTML web Form using PHP validation
methods

2
 Introduction
 Sending HTML form data to an email using PHP is
a common task in web development.

 An HTML form is a structured element of an HTML

document that allows users to input data, which
can then be submitted to a server for processing.

 It’s essentially a container for different types of

form controls, such as text inputs, checkboxes,
radio buttons, dropdown menus, and more.

3
Introduction(cont.)

4
 GET vs. POST
 Both GET and POST are treated as $_GET and $_POST. These
are superglobals, which means that they are always
accessible, regardless of scope - and you can access them
from any function, class or file without having to do anything
special.

 Both GET and POST create an array (e.g. array( key1 =>
value1, key2 => value2, key3 => value3, ...)).

 This array holds key/value pairs, where keys are the names of
the form controls and values are the input data from the user.

 $_GET is an array of variables passed to the current script

via the URL parameters.

 $_POST is an array of variables passed to the current script

via the HTTP POST method.
5
 When to use GET?
 Information sent from a form with the GET
method is visible to everyone (all variable names
and values are displayed in the URL).

 GET also has limits on the amount of information

to send, not more than 2000 characters.

 However, because the variables are displayed in

the URL, it is possible to bookmark the page
which can be useful in some cases.

 GET may be used for sending non-sensitive data

and should NEVER be used for sending passwords
or other sensitive information!
6
 How GET Method works
1  <form action=“get_script.php"
method="get">
Name: <input type="text"
name="name"><br>
E-mail: <input type="text"
name="email"><br>
<input type="submit"> 2
</form>
3 get_script.php
Welcome <?php echo
$_GET["name"]; ?><br>
Your email address is: <?php echo
$_GET["email"]; ?>
4
5

6 http://localhost/php-lesson-scripts/
forms/welcome_get.php?
name=hadullo&email=khadullo 7

%40gmail.com
 When to use POST?
 Information sent from a form with the POST
method is invisible to others (all names/values
are embedded within the body of the HTTP
request) and has no limits on the amount of
information to send.

 Moreover POST supports advanced

functionality such as support for multi-part
binary input while uploading files to server.

 However, because the variables are not

displayed in the URL, it is not possible to
bookmark the page.
8
 How POST method works
 <form action=“post_script.php"
1 method=“post">
Name: <input type="text"
name="name"><br>
E-mail: <input type="text" 2
name="email"><br>
<input type="submit">
3 get_script.php
</form>
Welcome <?php echo
$_POST["name"]; ?><br>
Your email address is: <?php echo
$_POST["email"]; ?> 4

6
9
 Form Processing
<form action=“process.php"
method="post">
Name: <input type="text"
name="name"><br>
E-mail: <input type="text"
name="email"><br>
<input type="submit">
</form>

10
 Form Processing(cont.)
When the user fills out the form above and
clicks the submit button, the form data is
sent for processing to a PHP file named
“process.php".
The form data is sent with the HTTP POST
method.

To display the submitted data you could

simply echo all the variables.
The “process.php" looks like this:

11
 Process.php(cont.)
Welcome <?php echo $_POST["name"]; ?
><br>
Your email address is: <?php echo
$_POST["email"]; ?>

Welcome John
Your email address is
[email protected]

12
 The $_SERVER["PHP_SELF"]
variable
The $_SERVER["PHP_SELF"] is a super
global variable that returns the filename of
the currently executing script.

So, the $_SERVER["PHP_SELF"] sends the

submitted form data to the page itself,
instead of jumping to a different page.

This way, the user will get error messages

on the same page as the form.

13
 The $_SERVER["PHP_SELF"]
variable Code Example
 <form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
 Name: <input type="text" name="fname">
 <input type="submit">
 </form>

 <?php
 if ($_SERVER["REQUEST_METHOD"] == "POST") {
 // collect value of input field
 $name = htmlspecialchars($_REQUEST['fname']);
 if (empty($name)) {
 echo "Name is empty";
 } else {
 echo $name;
 }
}
 ?>
14
 The $_SERVER["PHP_SELF"]
variable Code Example
 <form method="post" action="<?php echo $_SERVER['PHP_SELF'];?>">
 Name: <input type="text" name="fname">
 <input type="submit">
 </form>

 <?php
 if ($_SERVER["REQUEST_METHOD"] == "POST") {
 // collect value of input field
 $name = htmlspecialchars($_REQUEST['fname']);
 if (empty($name)) {
 echo "Name is empty";
 } else {
 echo $name;
 }
}
 ?>
15
 PHP Form Validation
 Proper validation of form data is important to
protect your form from hackers and spammers!

16
 Validation Rules
 The validation rules for the form above are as
follows:

Field Validation Rules

Name Required. + Must only contain letters and
whitespace
E-mail Required. + Must contain a valid email address
(with @ and .)
Website Optional. If present, it must contain a valid URL
Comment Optional. Multi-line input field (textarea)
Gender Required. Must select one

17
 PHP Form Validation
 Proper validation of form data is important to
protect your form from hackers and spammers!

18
 The end
Thank you

11/08/2024 19