Today in this post, I would talk about Handling HTML forms with PHP. A simple example would be registration form. Lets create a html form with php
<html>
<form action="register.php" method="post">
<table border=0>
<tr>
<td><font face="Arial, Helvetica, sans-serif" color=black size=-1>
<b>Username:*</b></br>
<i>It must be 3 or more characters in length <br> and may
only contain letters and number</i></td>
<td><input name="userid" type="text" id="userid" maxlength="30">
</td>
</tr>
<tr>
<td><font face="Arial, Helvetica, sans-serif" color=black size=-1>
<b>Password:*</b><br>
<i>It must be 6 or more characters in length <br> and may
only contain letters and number</i></td>
<td><input name="password" type="password" id="password" maxlength="15">
</td>
</tr>
<tr>
<td><font face="Arial, Helvetica, sans-serif" color=black size=-1>
<b>Re-type Password:*</b></td>
<td><input name="password2" type="password" id="password2" maxlength="15">
</td>
</tr>
<tr>
<td><font face="Arial, Helvetica, sans-serif" color=black size=-1>
<b>Firstname:*</b></td>
<td><input name="firstname" type="text" id="firstname" maxlength="15">
</td>
</tr>
<tr>
<td><font face="Arial, Helvetica, sans-serif" color=black size=-1>
<b>Lastname:*</b></td>
<td><input name="lastname" type="text" id="lastname" maxlength="15">
</td>
</tr>
<tr>
<td><font face="Arial, Helvetica, sans-serif" color=black size=-1>
<b>Your Email Atdress:*</b><br>
<i>A confirmation email will be sent to you <br>
at this address</i>
</td>
<td><input name="email" type="text" id="email" maxlength="255">
</td>
</tr>
<tr>
<td><font face="Arial, Helvetica, sans-serif" color=black size=-1>
<b>Your Mobile No:*</b><br>
</td>
<td><input name="mob" type="text" id="mob" maxlength="10">
</td>
</tr>
<tr>
<td><input name="reset" type="reset" value="Reset"></td>
<td><input name="register" type="submit" value="register"> </td>
</tr>
</table>
</form>
</html>
We can save this file as myregistration.html and When you will open it you will get below html form.
When you fill the data and click the submit button, the all the submitted data is sent to register.php through HTML Post method
All variables passed to the current script via the HTTP POST method are stored in associative array $_POST. So you can access data from each field using $_POST[‘NAME’], where NAME is the actual field name. If you submit the form above you would have access to a number of $_POST array values inside the register.php file. The vvariables
$_POST['userid']
$_POST['password']
$_POST['password2']
$_POST['firstname']
$_POST['lastname']
$_POST['email']
$_POST['mob']
Now it is the job of register.php to process these variable according to the need and return the information back to user
Let’s for example, we choose register.php like
<?php echo '<html>'; $userid=$_POST['userid']; $password=$_POST['password']; $password2=$_POST['password2']; $firstname=$_POST['firstname']; $lastname=$_POST['lastname']; $email=$_POST['email']; $mob=$_POST['mob']; /* some mysql stuff */ echo 'You name is $userid'; echo '<br>'; echo 'You Firstname is $firstname'; echo '<br>'; echo 'You lastname is $lastname'; echo '<br>'; echo 'Your registration is completed'; echo '</html>'; ?>
But here we are missing very important piece of information i.e validation. Users may put bad piece and totally corrupt the things. so it is always good to validate the information
There are many ways to perform the validation and it depends on the need,I would tell here some of the basics one
| htmlspecialchars() | This function convert the html special character in the input to html version. So attacker cannot inject html or java code in the field |
| stripslashes() : | It removes the backflashed in the data |
| trim() | This function returns a string with whitespace stripped from the beginning and end of string |
| preg_match | This function matches the string with the strings. This is good function to validate the character in the field preg_match(“/[^a-zA-Z]/”,$userid) : It check for if $userid is made of letters a-z and A-Z only (no spaces, digits or any other characters) |
Keeping all these validation in mind, we can write the register.php as
<?php
function validate_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
function validate_email($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
if (!preg_match("/([\w-]+\@[\w-]+.[\w-]+)/",$data))
{
die("E-mail address not valid");
}
return $data;
}
echo '<html>';
$userid=$_POST['userid'];
$password=$_POST['password'];
$password2=$_POST['password2'];
$firstname=$_POST['firstname'];
$lastname=$_POST['lastname'];
$email=$_POST['email'];
$mob=$_POST['mob'];
/* some mysql stuff */
echo 'You name is $userid';
echo '<br>';
echo 'You Firstname is $firstname';
echo '<br>';
echo 'You lastname is $lastname';
echo '<br>';
echo 'Your registration is completed';
echo '</html>';
?>
I hope you like the tutorial on Handling HTML forms with PHP. Please provide the feedback
Also Reads
How to run php file in windows : This post talks about how we can php file on the the window and do the testing before moving to the web server
uses of PHP : This has detailed description why PHP is so much used through out the world.
first php program : This is good starting point for anybody starting with PHP and talk in good detail about how to write your PHP program and execute it
Define constant in PHP
https://en.wikipedia.org/wiki/PHP
