How to handle HTML form submission in PHP using the POST method
Overview
There are two main ways to collect data from the user via a form. We can use the GET method or the POST method. In this shot, we will learn to handle form-submitted data using the POST method.
This is what a form looks like in HTML:
<html><body><form action="handle_form.php" method="POST"><input type="text" name="name" placeholder="Username here..."> <br/><input type="email" name="email" placeholder="Email here..."> <br/><input type="submit"></form></body></html>
In the code above, the form tag has two properties, action and method. Let's learn more about them.
action: It specifies the file or the page to which the form is submitted. In our example, the form data will be submitted tohandle_form.phpusing thePOSTmethod.method: It describes the transport means used to send data. This is mostlyGETorPOST.
Note:
- In case we want the form data to be handled in the same file, we can leave the
actionattribute empty:<form action="" >.- If no method is specified,
GETis used by default.
The POST method
The POST method transmits data via a form. We need to explicitly specify it on the form tag's method property to use it. Unlike GET where submitted data are available and visible in the URL, POST hides data away from the user and sends them to the specified file to be handled. Apart from this, everything remains the same as it is in GET. All submitted data are available in the PHP built-in variable called $_POST, as an associative array.
Syntax
A form with the <input type='text' name='username' /> field stores submitted data using:
$_POST['username']
This is what handle_form.php looks like when data from the HTML form above are sent using POST:
<?php// handle_form.phpecho '<h1>Welcome at Educative</h1>';echo '<p>Username: ' . $_POST['username'] . '</p>';echo '<p>Email: ' . $_POST['email'] . '</p>';
- The
$_POSTfunction holds the name entered by the user in the input with the nameusername. - The
$_POSTfunction also holds the email address entered in the input field with the nameemail.
Example
<?php
// handle_form.php
$username = $_POST['name'];
$email = $_POST['email'];
// Basic control
if (!isset($username) || !isset($email))
{
echo 'Name or email field is empty.';
// Stop PHP execution
return;
}
echo '<h1>Welcome at Educative</h1>';
echo '<p>Username: ' . $username . '</p>';
echo '<p>Email: ' . $email . '</p>';Explanation
index.php
- Line 4: We create a
formthat uses thePOSTmethod and submits its data to thehandle_form.phpfile. - Lines 5 and 6: We have two inputs of the
textandemailtype.
handle_form.php
- Lines 3 and 4: We create two variables,
$usernameandemail, to hold user inputs. - Line 7: We use an
ifstatement to make sure the user has sent something. Otherwise, we stop the script. - Lines 15–17: If everything is fine, we display the result to the user.
Conclusion
The POST method is the preferred method to handle form-submitted data. Although it "hides" data from the user, it is not more secure than GET. Therefore, validations are still required to ensure we have safe data in our system. There's no character limit for POST like we have with GET. We can also use the POST method if we want to upload a file to the server.
