Please wait

Form Data

Data is sent from the client to the server through HTTP requests. We have various options for sending HTTP requests. One of them which is commonly using the HTML <form> element for form submissions.

The <form> element in HTML acts as a container for various input fields like text, radio buttons, checkboxes, etc. It allows users to enter information.

One the <form> element, there are two critical attributes that must be configured.

  • Action Attribute: The action attribute in the <form> tag defines the URL to which the form data should be sent when the user submits the form.
  • Method Attribute: The method attribute specifies how to send form data using either the GET or POST HTTP methods.

For the method, we can use GET or POST.

  • GET: Appends form data to the URL in name/value pairs, visible in the browser's address bar.
  • POST: Sends data in the body of the request, which is more secure and suitable for sensitive information.

Here's an example of a basic form:

<form action="process.php" method="POST">
  <label for="name">Name:</label>
  <input type="text" id="name" name="name" />
  <input type="submit" value="Submit" />
</form>

In the example above, the form is submitted to the process.php file, and the HTTP method is POST.

Name Attribute

The name attribute in an HTML form plays a crucial role in how data is collected and processed by server-side languages like PHP. It acts as a key or identifier for the data being sent to the server. When a form is submitted, the values of the named input elements are sent to the server in key-value pairs, where the keys are the values of the name attributes.

In PHP, you access the data sent via a form through associative arrays like $_GET or $_POST, depending on the form's method. The name attribute's value is used as the key in these arrays.

For example, if a text input has the name attribute set to username, its value can be accessed in PHP with $_POST['username'].

Remember to add names

Inputs without a name attribute will not be included in the submitted data. If you want a particular value to be sent to the server, that input element must have a name attribute.

As an example, let's imagine the form above was submitted. We have one input, which is the following:

<input type="text" id="name" name="name" />

In PHP, the value can be accessed as:

$name = $_POST['name'];

Verifying a Form Submission

An extra step you can take for dealing with form data is to verify a form was submitted. You can't process data if a form was not submitted. You can use the $_SERVER superglobal to check the request method.

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
 
}

The above example checks if the HTTP request method, which is stored in the REQUEST_METHOD key, is set to POST.

But if you're using GET, this won't work since all requests are GET by default. One solution is to add a hidden <input /> element.

<input type="hidden" name="submitted" value="1" />

If this element appears in the request, we can assume the request was created via a form submission.

$isSubmitted = $_GET['submitted'] ?? false;
 
if ($submitted === '1') {
  // Process form submission
  print_r($_GET);
}

In this example, if the $_GET['submitted'] variable has the correct value, we proceed with processing the request.

Key Takeaways

  • The action attribute on the <form> element determines where a request is sent.
  • The method attribute on the <form> element determines the HTTP method.
  • Always include the name attribute in input elements, as it serves as the key for accessing data in PHP.
  • PHP can handle form data using the global arrays $_GET, $_POST, or $_REQUEST, based on the submission method.
Previous Tutorial:
Concept: Escaping
Next Tutorial:
Data Validation

Comments

Please read this before commenting