You have a JavaScript blocked in your browser. Allow JavaScript to work the site!

Work with forms

HTML-forms are used to transfer data from the web page of the Web page. For working with forms in PHP provides a number of special funds.

Pre-defined variables

In PHP, there are a number of pre-defined variables that do not change when performing all applications in a specific environment. They are also called environment variables or variables. They reflect the settings of the WEB-server of Apache, as well as information about the request for this browser. It is possible to get URL values, query strings and other HTTP request elements.

All predefined variables are contained in the $ global associative array. In addition to environment variables, this array also contains global variables defined in the program.

Example 1.

$ Value) Echo "\\ $ Globals [\\" $ Key \\ "] \u003d\u003d $ Value
"; ?>

As a result, a list of all global variables will appear on the screen, including environment variables. The most commonly used of them:

Variable	Description	Building
$ _Server ["http_user_agent"]	Name and client version	Mozilla / 5.0 (Compatible; googleBot / 2.1; + http: //www.google.com/bot.html)
$ _Server ["remote_addr"]	IP address	144.76.78.3
getENV ("http_x_forwarded_for")	Internal client IP address
$ _Server ["Request_Method"]	Request Method (GET or POST)	Get.
$ _Server ["Query_String"]	When requesting get encoded data transmitted with URL
$ _Server ["Request_URL"]	Full address of the client, including a query string
$ _Server ["http_referer"]	The address of the page with which the request was made
$ _Server ["php_self"]	Path to the program being executed	/Index.php.
$ _Server ["Server_Name"]	Domain	website
$ _Server ["Request_uri"]	Way	/Php/php_form.php.

User entry processing

The PHP input processing program can be separated from HTML text containing input molds, and you can arrange on one page.

Example 2.

"Method \u003d" POST "\u003e

Card number:

There is no data transfer button here, because A form consisting of one field is transmitted automatically when you press the key .

When processing an element with a multi-valued selection to access all selected values, you need to add a couple of square brackets to the element name. To select multiple ellements, hold the Ctrl key.

Example 3.1.

Tea Coffee Milk Ham Cheese

The result of Example 3.1:

Example 3.2.

"; Foreach ($ item as $ value) echo"
• $ Value "; Echo"

"; ?>

Example 4. Receive values \u200b\u200bfrom CheckBox-flags

$ V) (if ($ V) echo "You know the programming language $ k!
"; ELSE ECHO" You do not know the programming language $ k.
"; } } ?>

"Method \u003d" POST "\u003e What programming languages \u200b\u200bdo you know?
Php.
Perl

The result of Example 4:

Example 5.

"; ?>

"Method \u003d" POST "\u003e < ?=@htmlspecialchars($_REQUEST["text"])?>

You can handle forms, without worrying about actual field names.

To do this, you can use (depending on the transmission method) an associative array of $ http_get_vars or $ http_post_vars. These arrays contain pairs name / value for each element of the transmitted form. If you do not care, you can use an associative array $ _request.

Example 6.

$ Value) Echo "$ Key \u003d\u003d $ Value
"; ?>

Example 7. Pressing the button using the "@" operator.

">

Using the HEADER () function, sending the browser header, you can redirect the user to a new page.

For example:

Transfer file to the server. Pour file. Upload

PHP allows you to transmit files to the server. The HTML form designed to transmit the file must contain the ECTYPE \u003d "MultiPart / Form-Data" argument.

In addition, a hidden field with the name MAX_FILE_SIZE should be in the form in front of the file to copy the file. The maximum size of the transmitted file must be recorded in this hidden field (usually no more than 2 MB).

The field itself is to transfer the file - the usual INPUT element with the Type \u003d "File" argument.

For example:

"Method \u003d" POST "\u003e

After the file is transferred to the server, it receives a unique name and stored in the directory for temporary files. The full path to the file is recorded in the global variable whose name matches the field name to transfer this file. In addition, PHP retains some more information about the transmitted file in other global variables:

Example 8.

"; ECHO" Name: "$ _ files [" UserFile "] [" Name "]."
"; Echo" Size: "$ _ Files [" UserFile "] [" Size "]."
"; ECHO" Type: ". $ _ files [" UserFile "] [" Type "]."
"; } ?>

"Method \u003d" POST "\u003e

Examples of downloading files to the server

If there are problems with the transcoding server of the downloaded file, the code symbol 0x00 Replaced with a space (code symbol 0x20), add to the file httpd.conf. From the Apache catalog (/ usr / local / apache) the following lines.

CharsetRecodeMultipartForms Off

One of the most important advantages of PHP is how it works with HTML forms. Here the main thing is that each element of the form automatically becomes available to your PHP programs. For detailed information on the use of forms in PHP, read the section. Here is an example of an HTML form:

Example # 1 simple HTML form

Your name:

Your age:

In this form there is nothing special. This is an ordinary HTML form without any special tags. When the user fills the form and press the send button, the Action.php page will be called. This file may be something like:

Example # 2 Display these forms

Hello, .
You years.

An example of the output of this program:

Hello, Sergey. You are 30 years old.

If you do not take into account the pieces of code with hTMLSPECIALCHARS () and (int)The principle of operation of this code should be simple and understandable. hTMLSPECIALCHARS () Provides the correct encoding of "special" HTML characters so that malicious HTML or JavaScript is inserted into your page. The Age field, about which we know that it should be a number, we can simply convert to integerthat automatically relieves us from unwanted characters. PHP can also do this automatically using the Filter extension. Variables $ _Post ["name"] and $ _post ["AGE"] automatically installed for you tools PHP. Earlier, we used the $ _Server superglobal variable, here we also use the $ _Post superglobal variable, which contains all POST data. notice, that send method (Method) Our form is POST. If we used the method Get.The information of our form would be in a superglobal variable $ _GET. In addition, you can use the $ _Request variable if the data source does not matter. This variable contains a mixture of data GET, POST, COOKIE.

15 YEARS AGO.

According to the HTTP Specification, You SHOULD USE THE POST METHOD WHEN YOU "RE USING THE FORM TO CHANGE THE STATE OF SOMETHING ON THE SERVER END. FOR EXLOW, IF A Page HAS A FORM TO ALLOW TO ALLOV TO Add their Own Comments, Like this Page Here, The Form Should Use POST. If you click "Reload" Or "refresh" on a post, it "s Almost Always An Error - You Shouldn" T Be Posting the Same Comment Twice - Which is Why These Pages Arena "t Bookmarked or Cached.

You Should Use The Get Method WHEN YOUR FORM IS, WELL, Getting Something Off The Server and Not Actually Changing Anything. For example, The Form for A Search Engine Should Use Get Be Changing Anything That The Client Might Care Anything, And Bookmarking Or Caching The Results Of A Search-Engine Query Is Just As Useful AS Bookmarking or Caching A STATIC HTML PAGE.

2 Years Ago.

Worth Clarifying:

POST IS NOT MORE SECURE THAN GET.

The Reasons for Choosing Get VS Post Involve Various Factors SUCH AS INTENT OF THE REQUEST (ARE LIMITS TO HOW LONG A URL CAN BE, AND GET PARAMETERS A SENT IN THE URL), and How Easily You Want The Action to Be Shareable - Example, Google Search Ire Get Because It Makes It Easy to Copy and Share The Search Query With Someone Else Simply by Sharing The URL.

Security Is Only A Consideration Here Due To the Fact That a Get Is Easier to Share Than A Post. Example: You don "T Want A Password to Be Sent by Get, Because the user Might Share The ReSulting Url and Inadvertently Expose Their Password.

HOWEVER, A GET AND A POST AER EQUALLY EASY TO INTERCEPT by A Well-Placed Malicious Person If You Don "T Deploy TLS / SSL to Protect The Network Connection Itself.

All Forms Sent Over Http (Usally Port 80) Are Insecure, And Today (2017), There Arena "T Many Good ReaSons for a Public Website to Not Be using HTTPS (Which is basicly HTTP + Transport Layer Security).

AS A BONUS, IF You Use TLS You Minimise The Risk of Your Users Getting Code (ADS) Injected Into Your Traffic That Wasn "T Put There By You.

In this lesson, we will get acquainted with the function mail (), on the example of creating feedback forms on PHP With the subsequent sending data to the mail.

To do this, create two files - forma.php. and mail.php.. In the first file there will be only a form with fields for entering the user. Inside tag form - Button "Email" And attribute action.which refers to the handler - mail.php., It is to it that data from the form are shown when you press the button "Email". In our example, these forms are sent to a web page titled "/Mail.php". This page registed the script on Php.which processes the form data:

These forms are sent by the method POST. (processed as $ _Post.). $ _Post. - this is an array of variables transferred to the current script through the method POST..

Below you see the contents of the file forma.php.whose fields fills the user to some web site. All field entry fields must have an attribute name., We prescribe values \u200b\u200byourself based on logic.

Feedback form on PHP

Leave a message:

Your name:



E-mail:

Phone number:

Message:

The text area may contain an unlimited number of characters -\u003e

So the form visually looks in the browser.

Next Write code for the file mail.php.. Invent yourself names for variables. IN Php. variable begins with a sign $ and then the name of the variable. The text value of the variable is quotes. Using the variables on an administrator email, the contents of the form are transmitted, simply substituting the name of the form element into square brackets - value name..

$ to \u003d " "; // Email of the data recipient from the form
$ Tema \u003d "Feedback form on PHP"; // Theme of the Eamel received
$ message \u003d "Your name:" $ _ POST ["NAME"]. "
"; // Assign a variable value obtained from the Name \u003d Name form
$ Message. \u003d "E-mail:". $ _ post ["email"]. "
"; // obtained from the form name \u003d email
$ Message. \u003d "Phone number:" $ _ post ["phone"]. "
"; // Received from the Name \u003d Phone form
$ Message. \u003d "Message:". $ _ post ["message"]. "
"; // Received from the Name \u003d Message form
$ Headers \u003d "Mime-Version: 1.0". "\\ r \\ n"; // Title corresponds to the format plus a string translation symbol
$ Headers. \u003d "Content-Type: Text / Html; Charset \u003d UTF-8". "\\ r \\ n"; // Indicates the type of content sent
Mail ($ to, $ Tema, $ Message, $ Headers); // Sends variable values \u200b\u200bto the recipient on email
?>

Thus, the data from the array $ _Post. will be transferred to the corresponding variables and sent to mail using the function mail. Let's fill in our shape and click the Send button. Do not forget to specify your e-mail. The letter came instantly.