Chapter 7: Chapter 7: Handling Forms and User Input | AutoCodeWizard eBook | AutoCodeWizard eBook - PowerShell Essentials: Mastering Scripting and Automation for Windows Administration

Chapter 7: Handling Forms and User Input

Discover how to handle user input through forms in PHP, process submitted data, and validate it to create interactive web applications.

In this chapter, we’ll explore how to collect and process user input through HTML forms in PHP. Handling forms is a fundamental skill for creating interactive, data-driven applications. We’ll cover how to validate and sanitize user data to ensure your application is secure and functional.

Creating an HTML Form

To collect user input, start by creating a simple HTML form with action and method attributes:

<form action="process.php" method="post">
    <label for="name">Name:</label>
    <input type="text" name="name" id="name"><br>
    <label for="email">Email:</label>
    <input type="email" name="email" id="email"><br>
    <input type="submit" value="Submit">
</form>

In this form, the data will be sent to process.php using the POST method when the user submits the form.

Accessing Form Data with `$_POST`

PHP provides the $_POST superglobal to access data submitted via a POST request. Here’s how to retrieve form data:

<?php
// process.php
$name = $_POST['name'];
$email = $_POST['email'];

echo "Name: " . $name . "<br>";
echo "Email: " . $email;
?>

In this example, $name and $email store the submitted form data, which is then displayed on the page.

Validating User Input

Validating input ensures that the data meets your application’s requirements. Here’s an example of basic validation for required fields:

<?php
if (empty($_POST['name']) || empty($_POST['email'])) {
    echo "All fields are required.";
} else {
    $name = $_POST['name'];
    $email = $_POST['email'];
    echo "Name: " . $name . "<br>";
    echo "Email: " . $email;
}
?>

In this example, the script checks if name or email is empty before processing the data.

Sanitizing User Input

Sanitizing input removes unwanted characters, ensuring that data is safe and properly formatted. PHP’s filter_var function can sanitize user input:

<?php
$email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL);
echo "Sanitized Email: " . $email;
?>

In this example, filter_var removes invalid characters from the email address.

Validating Email Format

Use filter_var to validate specific formats, like email addresses:

<?php
$email = $_POST['email'];
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
    echo "Valid Email: " . $email;
} else {
    echo "Invalid Email Address.";
}
?>

In this example, the email is validated to ensure it meets the proper format.

Handling `GET` Requests

In addition to POST, PHP also supports GET requests, where data is sent via the URL. Access GET data using the $_GET superglobal:

<?php
// Accessing data from a URL like: process.php?name=Alice
$name = $_GET['name'];
echo "Name: " . $name;
?>

In this example, $_GET['name'] retrieves data sent in the URL.

Summary and Next Steps

In this chapter, we covered handling forms and user input in PHP, including accessing POST and GET data, validating and sanitizing input, and processing form submissions. In the next chapter, we’ll dive into working with files and directories, giving you the skills to manage files within your PHP applications.