<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title>Dealing with Forms</title> </head> <body><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="tutorial.useful.html">Something Useful</a></div> <div class="next" style="text-align: right; float: right;"><a href="tutorial.oldcode.html">Using old code with new versions of PHP</a></div> <div class="up"><a href="tutorial.html">A simple tutorial</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div><hr /><div id="tutorial.forms" class="section"> <div class="info"><h1 class="title">Dealing with Forms</h1></div> <p class="para"> One of the most powerful features of PHP is the way it handles HTML forms. The basic concept that is important to understand is that any form element will automatically be available to your PHP scripts. Please read the manual section on <a href="language.variables.external.html" class="link">Variables from external sources</a> for more information and examples on using forms with PHP. Here is an example HTML form: </p> <p class="para"> <div class="example" id="example-7"> <div class="info"><p><strong>Example #1 A simple HTML form</strong></p></div> <div class="example-contents"> <div class="htmlcode"><pre class="htmlcode"><form action="action.php" method="post"> <p>Your name: <input type="text" name="name" /></p> <p>Your age: <input type="text" name="age" /></p> <p><input type="submit" /></p> </form></pre> </div> </div> </div> </p> <p class="para"> There is nothing special about this form. It is a straight HTML form with no special tags of any kind. When the user fills in this form and hits the submit button, the <var class="filename">action.php</var> page is called. In this file you would write something like this: </p> <p class="para"> <div class="example" id="example-8"> <div class="info"><p><strong>Example #2 Printing data from our form</strong></p></div> <div class="example-contents"> <div class="phpcode"><code><span style="color: #000000"> Hi <span style="color: #0000BB"><?php </span><span style="color: #007700">echo </span><span style="color: #0000BB">htmlspecialchars</span><span style="color: #007700">(</span><span style="color: #0000BB">$_POST</span><span style="color: #007700">[</span><span style="color: #DD0000">'name'</span><span style="color: #007700">]); </span><span style="color: #0000BB">?></span>.<br />You are <span style="color: #0000BB"><?php </span><span style="color: #007700">echo (int)</span><span style="color: #0000BB">$_POST</span><span style="color: #007700">[</span><span style="color: #DD0000">'age'</span><span style="color: #007700">]; </span><span style="color: #0000BB">?></span> years old.</span> </code></div> </div> <div class="example-contents"><p> A sample output of this script may be: </p></div> <div class="example-contents screen"> <div class="cdata"><pre> Hi Joe. You are 22 years old. </pre></div> </div> </div> </p> <p class="para"> Apart from the <span class="function"><a href="function.htmlspecialchars.html" class="function">htmlspecialchars()</a></span> and <em>(int)</em> parts, it should be obvious what this does. <span class="function"><a href="function.htmlspecialchars.html" class="function">htmlspecialchars()</a></span> makes sure any characters that are special in html are properly encoded so people can't inject HTML tags or Javascript into your page. For the age field, since we know it is a number, we can just <a href="language.types.type-juggling.html#language.types.typecasting" class="link">convert</a> it to an <span class="type"><a href="language.types.integer.html" class="type integer">integer</a></span> which will automatically get rid of any stray characters. You can also have PHP do this for you automatically by using the <a href="ref.filter.html" class="link">filter</a> extension. The <var class="varname"><var class="varname"><a href="reserved.variables.post.html" class="classname">$_POST['name']</a></var></var> and <var class="varname"><var class="varname"><a href="reserved.variables.post.html" class="classname">$_POST['age']</a></var></var> variables are automatically set for you by PHP. Earlier we used the <var class="varname"><var class="varname"><a href="reserved.variables.server.html" class="classname">$_SERVER</a></var></var> superglobal; above we just introduced the <var class="varname"><var class="varname"><a href="reserved.variables.post.html" class="classname">$_POST</a></var></var> superglobal which contains all POST data. Notice how the <em class="emphasis">method</em> of our form is POST. If we used the method <em class="emphasis">GET</em> then our form information would live in the <var class="varname"><var class="varname"><a href="reserved.variables.get.html" class="classname">$_GET</a></var></var> superglobal instead. You may also use the <var class="varname"><var class="varname"><a href="reserved.variables.request.html" class="classname">$_REQUEST</a></var></var> superglobal, if you do not care about the source of your request data. It contains the merged information of GET, POST and COOKIE data. </p> <p class="para"> You can also deal with XForms input in PHP, although you will find yourself comfortable with the well supported HTML forms for quite some time. While working with XForms is not for beginners, you might be interested in them. We also have a <a href="features.xforms.html" class="link">short introduction to handling data received from XForms</a> in our features section. </p> </div><hr /><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="tutorial.useful.html">Something Useful</a></div> <div class="next" style="text-align: right; float: right;"><a href="tutorial.oldcode.html">Using old code with new versions of PHP</a></div> <div class="up"><a href="tutorial.html">A simple tutorial</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div></body></html>