Introduction to Form Submission PART II

[Xav]

OK, now we're going to do something with the data we have sent to the file result.php. If you haven't already, refer to Introduction to Form Submission PART I for the first part of the tutorial.

Setting up the Page
First of all, let's just make a nice HTML page with some CSS formatting:

HTML Code:

<html>
<head><title>Result Page</title>
<style type="text/css">
html, body
{
margin: 0;
padding: 0;
}
body
{
font-family: Arial;
background-color: black;
color: white;
}
</style>
<body>

The page will use Arial as the base font, and will have a white-on-black colour scheme. Adjust as required.

Extracting the Data
Right, now we need to grab that data we sent with the page. We can do this in PHP.

The method we use is to use one of two special variables:

• $_GET[] - for GET requests
• $_POST[] - for POST requests

Both are associative arrays - this means we can provide the key for it, and it returns the value.

Let's open a PHP script:

Code:

<?php

//Get the first name and last name.
//Concatenate into one string variable, called $name.
$name = $_GET["foreName"] . " " . $_GET["surName"];

So what have we done here? First, we've retrieved the two data values we sent in the previous tutorial. Notice how the key corresponds to the name attribute we gave the input tags.

We use the PHP concatenation operator, ".", to join the two variables together with a space inbetween. This is stored in the variable called $name (remember, anything starting with a $ is a variable).

If you used the method="post" attribute, then use the $_POST[] array instead. It depends on what you used when you sent the data.

Displaying the Data
Now we just need to print the data into the HTML page that is returned back to the user's browser. This is where the PHP "echo" function comes in:

Code:

echo "Pleased to meet you, $name.";

?> 


The use of the double quotes means that the PHP parser reads the variable name in the string and replaces it with the value it holds. We then end the PHP script with ?>.

Finally, we don't want W3C coming and killing us, so let's round off the page:

HTML Code:

</body>
</html>

Run the script under a server (either local or online). Type your name into the two boxes, and click the submit button. Your name should be integrated into the result page.

Conclusion
This concludes the introduction to Form Submission. This technique forms the basis of all form requests that are used on all sorts of sites, so hopefully you will be able to build on your skills from here and create some amazing sites!

Test yourself: Write a form submission where you type the name of the image you want to view. In the result page, this image appears in the form of an <img> tag.

Please +rep if useful. Leave any comments/praise here!

[Jordan]

Not bad, +rep.

You can also use $_REQUEST to fetch from either POST or GET. IE

Code:

$_REQUEST['Value'];  // Will fetch $_GET['Value'] or $_POST['Value'] 


You may also want to clean all input data. GET and POST data are considered tainted (since they originate from an outside source).

[Xav]

Yes you can use $_REQUEST, but I prefer to use GET and POST, because I don't have to remember which method I was using to send the data.

For this example, there is little danger of some sort of major security breach, so we should be OK for now!

[Jordan]

Yes you can use $_REQUEST, but I prefer to use GET and POST, because I don't have to remember which method I was using to send the data.

I think you have that backwards. With $_REQUEST[] you don't have to remember with ACTION method you specify in the form.

For this example, there is little danger of some sort of major security breach, so we should be OK for now!

Of course, tainted data is a whole new tutorial. I just wanted to throw that out there in case someone created a form and placed it on the web without considering it.

[Xav]

I think you have that backwards. With $_REQUEST[] you don't have to remember with ACTION method you specify in the form.

You misunderstand me. With GET or POST, I instantly know which method I used as soon as I see the variable. With REQUEST, it could be either, so I don't know for sure unless I check the page that sent out the data in the first place.

[Jordan]

I see. $_REQUEST isn't recommend by many programmers if you know where the data is coming from.

[Xav]

... which is why I didn't recommend it.

[Jordan]

Still, it is nice to have complete knowledge of it and if you don't know where the data is coming from there is no difference in using it vs. using a bloated if statement to determine if $_POST or $_GET isset.

[Xav]

Ah, yes, but in this particular case... we know where it is coming from!

[Brandon W]

Nice tutorial Xav. Fairly basic but still useful to some newbies to programming