What does Form mean?
A document with blank spaces where the user can type in data or pick it from a list.
The data will be stored in the database in a casual way.
Websites that change often are called “dynamic websites”. Forms give you the tools you need to store, change, get, and get rid of data in a database.
Form data is collected using the PHP superglobals $_GET and $_POST.
PHP: Creating An Easy HTML Form
The example below shows a simple HTML form with two input fields and a submit button:
Example
<!DOCTYPE HTML>
<html>
<body><form action=”form.php” method=”post”>
Name: <input type=”text” name=”name”><br>
E-mail: <input type=”text” name=”email”><br>
<input type=”submit” >
</form></body>
</html>
When a user fills out the form above and clicks “Submit,” the information is sent to a PHP file called “form.php” to be processed. With the HTTP POST method, the form data is sent.
You could just echo all the variables to show the data that was sent. This is how “result.php” looks:
<html>
<body>Welcome <?php echo $_POST[“name”]; ?><br>
Your email is: <?php echo $_POST[“email”]; ?></body>
</html>
The result could look like this:
Welcome Ram
Your email address is ram@yourdomain.com
The HTTP GET method could also be used to get to the same place:
Example
<!DOCTYPE HTML>
<html>
<body><form action=”result_get.php” method=”get”>
Name: <input type=”text” name=”name”><br>
E-mail: <input type=”text” name=”email”><br>
<input type=”submit” >
</form></body>
</html>
This is how “result_get.php” looks:
<html>
<body>Welcome <?php echo $_POST[“name”]; ?><br>
Your email is: <?php echo $_POST[“email”]; ?></body>
</html>
The result could look like this:
Welcome Ram
Your email address is ram@yourdomain.com
The code above is easy to understand. But what’s missing is the most important thing. If you want to keep bad code from getting into your script, you need to validate form data.
Compare GET vs. POST
- Both GET and POST make an array, like array(key1 = value1, key2 = value2, key3 = value3, etc.). This array stores pairs of “key” and “value,” where “key” is the name of a form control and “value” is the data entered by the user.
- $_GET and $_POST are used for both GET and POST. These are superglobals, which means that you can access them from any function, class, or file without having to do anything special.
- $_GET is a list of variables that the URL parameters send to the current script.
- $_POST is an array of variables that the HTTP POST method sends to the current script.
When do you use GET?
With the GET method, everyone can see the information sent from a form (all variable names and values are displayed in the URL). There are also limits on how much information can be sent with GET. About 2000 characters is the most that can be used. But since the variables are shown in the URL, it is possible to save the page as a bookmark. This can sometimes be helpful.
GET can be used to send data that is not sensitive.
Note: You should NEVER send passwords or other sensitive information using GET.
When is POST used?
With the POST method, information sent from a form is hidden from others because all names and values are embedded in the body of the HTTP request. There is also no limit to the amount of information that can be sent.
POST also has advanced features, like the ability to accept multi-part binary input when uploading files to a server.
But because the variables are not shown in the URL, the page can’t be bookmarked.
Developers prefer POST for sending form data.
In the next chapter, we learn about PHP Form Validation.