Handling our form

You now know enough to be able to program a script to handle the advanced form presented previously, so let's break it down.

Firstly, you should note that our variables will be coming in using the GET method. In the real world you would use POST because it is possible that users will submit large quantities of data in the "Life story" field, however using GET here lets you see how it all works. Because we're using the GET method, we should be reading our variables from $_GET.

The first two fields sent are Name and Password, which will both contain string data. Remember that the password HTML form element transmits its data as plain text, which means that both Name and Password can be handled the same way. As they are coming in via HTTP GET, they values entered by our visitors will be in $_GET['Name'] and $_GET['Password'] - note that the cases have been preserved from the form exactly, and that, as per usual, PHP considers $_GET['name'] to be different from $_GET['Name'].

Moving on there is the select list box Age, which will return a string value - either "Under 16", "16-30", "31-50", or "51-80". >From the PHP point of view, this is no different to handling input from a text box other than we can, to a certain extent, have an idea about what the values will be. That is, under normal circumstances we will always know what the values will be, as our users have to pick one option from a list we present. However, it takes only a little knowledge to "hack" the page so that users can input what they like - just remember the golden rule, "Never trust user input".

The Story text area element submits data in the same way as a normal text box does, with the difference that it can contain new line characters \n. The chances are that you want to convert these new line characters into HTML line breaks (the <br /> element), and you can use this simple str_replace() example to do just that:

$_GET['Story'] = str_replace("\n", "<br />", $_GET['Story']);

Next we get to our radio buttons, FaveSport. As radio buttons can only submit one value, this one value will be available as a normal variable in $_GET['FaveSport']. This is in contrast to the check box form elements that follow - they have the name Languages[], which will make PHP convert them into a single array of values, available in $_GET['Languages'].

That is the entire form covered - we can put the whole script together now using the above information, plus the other techniques we've covered in previous chapters. Here is a script I wrote to parse the form - you should copy mine yourself, then try rewriting it using some of the other functions.

<?php
    $_GET['Languages'] = implode(', ', $_GET['Languages']);
    $_GET['Story'] = str_replace("\n", "<br />", $_GET['Story']);

    print "Your name: {$_GET['Name']}<br />";
    print "Your password: {$_GET['Password']}<br />";
    print "Your age: {$_GET['Age']}<br /><br />";
    print "Your life story:<br />{$_GET['Story']}<br /><br />";
    print "Your favourite sport: {$_GET['FaveSport']}<br />";
    print "Languages you chose: {$_GET['Languages']}<br />";
?>

As you can see, the entire script to handle the HTML form we created is just eight lines long, of which six are just print statements reading from the $_GET array. The first two lines aren't anything special, either - line one converts the Languages array created from the check boxes into one string using implode(), and line two converts the new line characters in the Story text area into HTML line breaks.

However, the script above contains an bug - what happens if our users don't check any boxes for languages? The answer is that browsers will not send any languages information, which means that $_GET['Languages'] will not be set, which in turn means that the first line in the script will cause an error! The solution is fairly simple, though - use if (isset($_GET['Languages'])) to check whether there is a value set: if there is, use implode() to make it a string, and if not, put a dummy text string in there like "You did not select any languages!"

Copyright ©2015 Paul Hudson. Follow me: @twostraws.