Something Useful
Good tips everybody, thanks! A brief summary:
SERVER-SIDE PROCESSING (GET and POST)
<!-- If your form submission WILL NOT WRITE anything on the SERVER-SIDE, use GET -->
<form action="action.php" method="get">
<!-- If your form submission WILL WRITE some data on the SERVER-SIDE, use POST -->
<form action="action.php" method="post">
CLIENT-SIDE PROCESSING (ID and NAME)
<!-- If the CLIENT-SIDE NEEDS to access or modify this field, use the id attribute -->
<input id="firstName" name="firstName" type="text">
<!-- create a script that runs on the CLIENT-SIDE to access and modify the field -->
<script type="javascript">
var firstName = document.getElementById("firstName");
firstName.value = 'some text';
firstName.focus();
</script>
<!-- If the CLIENT-SIDE DOES NOT NEED to access or modify this field, -->
<!-- then there is no need for the ID attribute or a client side script -->
<input name="firstName" type="text">
Note the HTML SYNTAX:
- In <form>, 'get' and 'post' are the VALUE of the attribute named 'method'.
- In <input>, 'id' and 'name' are the NAME of the attribute with values of 'firstName'.
Dealing with Forms
One of the most powerful features of PHP is the way it handles HTML forms. The basic concept that is important to understand is that any form element will automatically be available to your PHP scripts. Please read the manual section on Variables from external sources for more information and examples on using forms with PHP. Here is an example HTML form:
Example #1 A simple HTML form
<form action="action.php" method="post"> <p>Your name: <input type="text" name="name" /></p> <p>Your age: <input type="text" name="age" /></p> <p><input type="submit" /></p> </form>
There is nothing special about this form. It is a straight HTML form with no special tags of any kind. When the user fills in this form and hits the submit button, the action.php page is called. In this file you would write something like this:
Example #2 Printing data from our form
Hi <?php echo htmlspecialchars($_POST['name']); ?>.
You are <?php echo (int)$_POST['age']; ?> years old.
A sample output of this script may be:
Hi Joe. You are 22 years old.
Apart from the htmlspecialchars() and (int) parts, it should be obvious what this does. htmlspecialchars() makes sure any characters that are special in html are properly encoded so people can't inject HTML tags or Javascript into your page. For the age field, since we know it is a number, we can just convert it to an integer which will automatically get rid of any stray characters. You can also have PHP do this for you automatically by using the filter extension. The $_POST['name'] and $_POST['age'] variables are automatically set for you by PHP. Earlier we used the $_SERVER superglobal; above we just introduced the $_POST superglobal which contains all POST data. Notice how the method of our form is POST. If we used the method GET then our form information would live in the $_GET superglobal instead. You may also use the $_REQUEST superglobal, if you do not care about the source of your request data. It contains the merged information of GET, POST and COOKIE data. Also see the import_request_variables() function.
You can also deal with XForms input in PHP, although you will find yourself comfortable with the well supported HTML forms for quite some time. While working with XForms is not for beginners, you might be interested in them. We also have a short introduction to handling data received from XForms in our features section.
add a note
User Contributed NotesDealing with Forms
wbcarts at juno dot com
05-Oct-2008 09:03
05-Oct-2008 09:03
rosko at zeta dot org dot au
11-Aug-2008 02:55
11-Aug-2008 02:55
@Lord Pacal: the attributes 'name' and 'id' have different intent and are used differently. 'id' uniquely identifies an element in the HTML DOM, whereas 'name' identifies the field that will be transmitted on the form submit. You can omit the 'id' attribute, but not the 'name' attribute.
Where a field requires multiple elements, e.g. radio buttons and check boxes, the 'name' attribute must be the same but the 'id' must be unique for each element.
'id' is useful for linking explicitly to the element, as in the following cases:
* CSS selector by ID
* JavaScript code, e.g. in-browser form validation or active forms
* the target of a <label> element
The last example is one not used nearly enough, as it allows the user to click on the text next to a radio button or check box - a bigger target and thus easier for users not used to using a mouse:
<input type="checkbox" name="example" value="yes" id="example_yes"/>
<label for="example_yes">Yes, I can click on the text and check the box</label>
arnel_milan at hotmail dot com
29-Mar-2008 06:27
29-Mar-2008 06:27
I was so shocked that some servers have a problem regarding the Submit Type Name and gives a "Not Acceptable error" or Error 406.
Consider the example below :
<form action="blah.php" method="POST">
<table>
<tr>
<td>Name:</td>
<td><input type="text" name="name"></td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" name="Submit_btn" id="Submit_btn" value="Send">
</td>
</tr>
</table>
</form>
This very simple code triggers the "Not Acceptable Error" on
PHP Version 5.2.5 and Apache 1.3.41 (Unix) Server.
However to fix this below is the right code:
<form action="blah.php" method="POST">
<table>
<tr>
<td>Name:</td>
<td><input type="text" name="name"></td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" name="Submitbtn" id="Submit_btn" value="Send">
</td>
</tr>
</table>
</form>
The only problem that took me hours to find out is the "_" in the Submit Button.
Hope this help!
Lord Pacal
04-Jan-2008 03:38
04-Jan-2008 03:38
One thing that tripped me up when I was first learning PHP was the use of the NAME attribute in form fields. The current convention is to use the ID attribute instead when creating forms. (Many HTML editors automatically include an ID attribute without a NAME attribute.) Now, I include both the NAME and ID attributes (with the same value) in all my form fields.
For example...
<form method="post">
<input type="text" id="field1">
<input type="submit" value="go">
</form>
If you then have a PHP page requesting the contents of the "field1" field...
<?php echo $_POST["field1"] ?>
...the above form will always return an empty string for "field1".
The solution is to include the NAME attribute...
<form method="post">
<input type="text" id="field1" name="field1">
<input type="submit" value="go">
</form>
With this change, the PHP code will correctly retrieve the value of the "field1" field.
SvendK
09-Nov-2006 05:02
09-Nov-2006 05:02
As Seth mentions, when a user clicks reload or goes back with the browser button, data sent to the server, may be sent again (after a click on the ok button).
It might be wise, to let the server handle whatever there is to handle, and then redirect (a redirect is not visible in the history and thus not reachable via reload or "back".
It cannot be used in this exact example, but as Seth also mentions, this example should be using GET instead of POST
yasman at phplatvia dot lv
05-May-2005 09:18
05-May-2005 09:18
[Editor's Note: Since "." is not legal variable name PHP will translate the dot to underscore, i.e. "name.x" will become "name_x"]
Be careful, when using and processing forms which contains
<input type="image">
tag. Do not use in your scripts this elements attributes `name` and `value`, because MSIE and Opera do not send them to server.
Both are sending `name.x` and `name.y` coordiante variables to a server, so better use them.
sethg at ropine dot com
01-Dec-2003 09:55
01-Dec-2003 09:55
According to the HTTP specification, you should use the POST method when you're using the form to change the state of something on the server end. For example, if a page has a form to allow users to add their own comments, like this page here, the form should use POST. If you click "Reload" or "Refresh" on a page that you reached through a POST, it's almost always an error -- you shouldn't be posting the same comment twice -- which is why these pages aren't bookmarked or cached.
You should use the GET method when your form is, well, getting something off the server and not actually changing anything. For example, the form for a search engine should use GET, since searching a Web site should not be changing anything that the client might care about, and bookmarking or caching the results of a search-engine query is just as useful as bookmarking or caching a static HTML page.