PHP With Forms

PHP is designed to be used with HTML forms. Add the following to the body of your test file:

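<?php
// "?? null" avoids an undefined-key warning on the first visit, before the form is submitted.
$color = $_REQUEST["color"] ?? null;
// Never echo form data as typed: escape it so it cannot add HTML or script to the page.
$safeColor = htmlspecialchars((string) $color, ENT_QUOTES, "UTF-8");
IF ($color):
?>
<p style="color: <?php echo $safeColor ?>">
You said your favorite color was <?php echo $safeColor ?>.
</p>
<?php ENDIF ?>

<form method="post" action="test.php">
<p>
What is your favorite color?
<input type="text" name="color" value="<?php echo $safeColor ?>" />
</p>
<input type="submit" />
</form>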

This is a one-field form. It just asks for the reader’s favorite color. The form’s “action” is the file itself: any php file can also be a form interpreter. The only field we have is the field ‘color’, so our script puts what the reader typed in that field into a container called “$color”.

The line beginning “$color = $_REQUEST["color"]” tells PHP to take the “request” called “color” and place that in the container called “$color”. PHP puts form data into a list called “$_REQUEST”. You can ask for each form item by name in that list.

The line “IF ($color):” tells PHP that we only want to do the next few lines (until the “ENDIF”) if the variable “$color” exists and has something in it. If this is the first time the reader viewed the page, or the reader pressed the submit button without typing a favorite color, “$color” will be empty, and those lines will be skipped.

We make use of the “echo” function to set the color of the “You said...” line, and to pre-fill the field if they’ve already filled out the form once.

Notice that we moved in and out of HTML in this example. We start with PHP, switch--while still in the “if” area--to HTML, and then switch back to PHP.

Sometimes you’ll want to know whether the field exists rather than, or in addition to, whether it actually has anything in it. You can use a function called “isset” to determine this. Rewrite your web page so that it reads:

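<?php
// "?? null" leaves $color unset (null) when the form has not been submitted yet.
$color = $_REQUEST["color"] ?? null;
// Escape once, and echo only the escaped copy into the page.
$safeColor = htmlspecialchars((string) $color, ENT_QUOTES, "UTF-8");
IF (isset($color)):
  IF ($color == ""):
    echo "<p>You need to enter a color!</p>\n";
  ELSE:
?>
<p style="color: <?php echo $safeColor ?>">
You said your favorite color was <?php echo $safeColor ?>.
</p>
<?php
  ENDIF;
ELSE:
  echo "<p>Welcome to our color extravaganza!</p>\n";
ENDIF;
?>

<form method="post" action="test.php">
<p>
What is your favorite color?
<input type="text" name="color" value="<?php echo $safeColor ?>" />
</p>
<input type="submit" />
</form>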

You’ll notice a couple of changes here. First, we have an IF inside of our IF block. This is perfectly reasonable, and you will often do this. The outer IF checks whether the container “$color” is “set”, that is, whether it has been used at all. If it has, the inner IF decides whether it has anything in it. In this case, we specifically check to see if it contains “”, that is, nothing.

Here, we used two equal signs. This is the source of one of the most common mistakes in programming. When we set a container to another value, we use a single “=”. When we check to see what a container contains, we use a double “==”. If you use one in place of the other, you will have major problems.

If our $color container contains nothing, we tell them they need to enter a color. Otherwise, we display their color.

Go ahead and try this script out. When you first visit the page, it should welcome you. If you try to submit the form with no color, it should tell you that you need to enter a color.
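The page writes whatever the reader typed into a style attribute and into the page text, so the value should be checked as well as escaped: escaping keeps it from adding HTML, and the check keeps anything that is not a color out of the style. The following is an added example, not part of the original tutorial; the function names cleanColor, h and colorMessage are hypothetical, and the sample inputs are constructed.

```php
<?php
// Added example, not from the original tutorial. Function names are hypothetical.

// Returns the value if it looks like a CSS color, otherwise null.
function cleanColor($raw): ?string
{
    // A field sent as color[]=x arrives as an array, not a string.
    if (!is_string($raw)) {
        return null;
    }
    $raw = trim($raw);
    // Letters only (red, DarkBlue) or # followed by 3, 4, 6 or 8 hex digits.
    // \A and \z anchor the whole string, so nothing can trail the color.
    $pattern = '/\A(?:[a-zA-Z]{1,30}|#(?:[0-9a-fA-F]{3,4}|[0-9a-fA-F]{6}|[0-9a-fA-F]{8}))\z/';
    return preg_match($pattern, $raw) === 1 ? $raw : null;
}

// Escapes text for use in HTML content and quoted attribute values.
function h(string $text): string
{
    return htmlspecialchars($text, ENT_QUOTES, "UTF-8");
}

// Builds the message paragraph for one submitted value (null = field absent).
function colorMessage($raw): string
{
    if ($raw === null) {
        return "<p>Welcome to our color extravaganza!</p>\n";
    }
    if ($raw === "") {
        return "<p>You need to enter a color!</p>\n";
    }
    $color = cleanColor($raw);
    if ($color === null) {
        // Show what was typed only as escaped text, never inside style="".
        $typed = is_string($raw) ? h($raw) : "that";
        return "<p>Sorry, " . $typed . " is not a color we recognize.</p>\n";
    }
    return '<p style="color: ' . h($color) . '">You said your favorite color was '
        . h($color) . ".</p>\n";
}

// Constructed sample inputs; on the real page pass $_REQUEST["color"] ?? null.
$samples = [null, "", "red", "#0a0", "<b>red</b>", "red; font-size: 90px"];
foreach ($samples as $sample) {
    echo colorMessage($sample);
}
```

Only “red” and “#0a0” reach the style attribute; the last two samples come back as escaped text in the “not a color” message.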

POST and GET

There are a number of “methods” that you can use to send your form data to the server for PHP to parse. Two of the most common are “POST” and “GET”. These each have their own place. The GET method is very useful if you want the viewers to be able to “come back” to the results page. For example, if you are providing a list of rooms in a building, you might use “GET” to allow them to bookmark a specific building. Or if you are providing a form that lets them search a list of classes by topic, you might use GET so that they can bookmark the topic and come back to it later to see if there are any new classes in that topic.

The GET method also allows them to copy the URL out of their web browser and send it by e-mail. So they could, for example, look up classes on a certain topic and then e-mail a link to those classes to a friend. Search engines often use the GET method. This allows viewers to bookmark certain searches, and it allows them to send the search results to friends or colleagues.

The POST method is not bookmarkable. You should use POST if you do not want the user to be able to “come back” to this page. For example, if they are purchasing something you don’t want them to submit the purchase twice. If they are deleting something from your database, coming back a second time will probably just result in an error; if they are inserting something into your database, they may end up inserting it twice if you aren’t careful with your PHP code.

POST information is also somewhat more secure. GET information is part of the URL. This means that it is also stored in the web server’s logs. Anyone who can see those logs can see the form information. Even if the server itself is a secure server, GET information is still written to the logs. If your form requests secure or private information, you should use POST to submit it. POST only keeps the data out of the URL; it does not encrypt it, which is the job of the secure (HTTPS) connection.
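To see what the paragraph above means in practice, this added example (not part of the original tutorial) reads a few constructed access-log lines and lists the form fields that GET requests left in them. The log lines, the field names and the PRIVATE_FIELDS list are assumptions made for the illustration.

```php
<?php
// Added example: list the form fields that GET requests left in an access log.
// Constructed sample lines in Apache "combined" format; all values are made up.
$log = <<<'LOG'
192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /test.php?color=red HTTP/1.1" 200 512 "-" "ExampleBrowser"
192.0.2.11 - - [01/Jan/2024:10:00:05 +0000] "POST /test.php HTTP/1.1" 200 512 "-" "ExampleBrowser"
192.0.2.12 - - [01/Jan/2024:10:00:09 +0000] "GET /login.php?user=pat&password=hunter2 HTTP/1.1" 200 640 "-" "ExampleBrowser"
LOG;

// Field names we would not want recorded (an assumption; adjust to your forms).
const PRIVATE_FIELDS = ["password", "ssn", "card", "email"];

// Returns one entry per form field found in a logged URL.
function loggedFields(string $log): array
{
    $found = [];
    foreach (explode("\n", $log) as $line) {
        // Pull the method and the URL out of the quoted request line.
        if (!preg_match('/"([A-Z]+) (\S+) HTTP\/[\d.]+"/', $line, $m)) {
            continue;
        }
        $query = parse_url($m[2], PHP_URL_QUERY);
        if (!is_string($query) || $query === "") {
            continue; // the POST line ends up here: its form data was never logged
        }
        parse_str($query, $fields);
        foreach (array_keys($fields) as $name) {
            $found[] = [
                "method"  => $m[1],
                "field"   => (string) $name,
                "private" => in_array(strtolower((string) $name), PRIVATE_FIELDS, true),
            ];
        }
    }
    return $found;
}

foreach (loggedFields($log) as $hit) {
    // Report field names only, so the audit does not copy the values around.
    $flag = $hit["private"] ? "  <-- private data in log" : "";
    printf("%s field %s%s\n", $hit["method"], $hit["field"], $flag);
}
```

The POST request contributes nothing to the report, while both GET requests expose their field names and values to anyone who can read the log.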

If they are going to be submitting a lot of data, you will need to use POST. Web browsers and web servers can “truncate” GET submissions. The limit on the size of a GET submission is highly variable but the general recommendation is that if the form data is likely to approach 1,024 bytes, go with the POST method. This is probably part of the reason that search engines, which want to be bookmarkable, will abbreviate their form fields to two-letter or one-letter fieldnames.