Home > Articles

PHP and the Web

  • Print
  • + Share This
This chapter is from the book

This chapter is from the book

HTML Forms

One task with which you should already be familiar is processing HTML forms. Forms provide a convenient way for users to send data to the server, and this makes the Web much more interactive. PHP makes processing these forms easy for developers; the form data is available in the $_GET and $_POST superglobal arrays, depending on the method used in the form (which in turn affects the request method used by the browser). In addition, $_REQUEST is a method-agnostic array that you can use to access form data (basically a merge of both $_GET and $_POST).

Superglobal arrays are available in every scope, which makes them convenient to use. For example, you might use them in a function without having to declare them as global, and there is no need to ever pass them to a function. They are always available.

For versions of PHP prior to 4.1.0, you must use a different set of arrays because $_GET, $_POST, and $_REQUEST are not available. Instead, you must use $_HTTP_GET_VARS and $_HTTP_POST_VARS (for $_GET and $_POST, respectively). There is no equivalent for $_REQUEST (where both arrays are merged), and these are also not superglobals, so you must use them similar to standard arrays.

To illustrate how form data is passed, consider the following form:

<form action="/process.php" method="post">
<input type="text" name="answer" />
<input type="submit" />
</form>

Figure 3.2 shows how this form appears in a Web browser.

Figure 3.2Figure 3.2 A browser renders an HTML form.

If a user enters C for the answer and submits the form, an HTTP request similar to the following is sent to the web server:

POST /process.php HTTP/1.1
Host: example.org
Content-Type: application/x-www-form-urlencoded
Content-Length: 8

answer=C

As a PHP developer, you can reference this value as $_POST['answer'] because the request method (indicated on the first line of the HTTP request) is POST.

By contrast, if the method of the form specifies the use of a GET request, the request is similar to the following:

GET /process.php?answer=C HTTP/1.1
Host: example.org

Rather than passing the form data as the content of the request, it is passed as the query string of the URL. In this situation, you can reference $_GET['answer'] to get the user's answer.

One important point about HTML forms is that the result of any form element is a single name/value pair in the request. This is true for hidden form elements, radio buttons, checkboxes, and all other types. For example, consider the following form:

<form action="/process.php" method="post">
<input type="hidden" name="answer" value="C" />
<input type="submit" />
</form>

Figure 3.3 shows how this form appears in a Web browser. Unlike the previous example, the user is only presented with the submit button. As long as the user uses this form to send the POST request, the value of $_POST['answer'] will always be C. The actual request sent by the browser is identical to the previous example, thus it is impossible to discern the type of HTML form used to generate a request by only observing the request.

Figure 3.3Figure 3.3 A browser renders an HTML form.

The behavior of some form elements can be confusing. Notably, elements such as check boxes and radio buttons, because of their Boolean nature, are only included in the request if selected. When selected, their value is determined by the value attribute given in the HTML markup. Thus, the corresponding variable in PHP might or might not be set, and you might want to use isset() on these types of elements to determine this.

There is also the special case in which multiple form elements are given the same name, such as in the following example:

<form action="/process.php" method="post">
<input type="text" name="answer" />
<input type="text" name="answer" />
<input type="submit" />
</form>

The browser will send a request similar to the following (assuming that the user answers C and A, respectively):

POST /process.php HTTP/1.1
Host: example.org
Content-Type: application/x-www-form-urlencoded
Content-Length: 8

answer=C&answer=A

If you reference $_POST['answer'], you will notice that its value is A. Where did the first answer go? As PHP processes the form for you and assigns variables within the superglobal arrays, values can be overwritten. If this is not the desired behavior, there is a simple naming convention you can use instead:

<form action="/process.php" method="post">
<input type="text" name="answer[]" />
<input type="text" name="answer[]" />
<input type="submit" />
</form>

By adding [] to the end of the form element name, you are asking PHP to create an array for this particular element. Assuming that the same answers as before (C and A, respectively) are entered before submitting the form, $_POST['answer'] is now an enumerated array, and the output of print_r($_POST['answer']) is as follows:

Array
(
  [0] => C
  [1] => A
)

So, you now have both values preserved conveniently in an array.

  • + Share This
  • 🔖 Save To Your Account