Receiving Data from a Form in PHP
You've created your form. Now you need to write the HandleForm.php script, which will receive and process the data generated by the form.html page. Here is where the true simplicity of PHP is demonstrated.
To create the HandleForm.php script:
Open your text editor and create a new document.
<HTML><HEAD><TITLE>Form Results </TITLE><BODY><?php /* This page receives and handles the data generated by "form.html". */ ?> </BODY></HTML>.
This is the standard format for a PHP page (Script 4). We added the comment to tell us the purpose of the script. Even though the form.html page indicates where the data is sent to (via the ACTION attribute), we ought to make a comment here indicating the reverse.
Create a new line after the comment but before the closing PHP tag. Type
print "Your first name is $FirstName.<BR>\n";.
print "Your last name is $LastName.<BR>\n";
print "Your E-mail address is $Email.<BR>\n";
print "This is what you had to say:<BR>\n $Comments<BR>\n";
Save your script as HandleForm.php.
Upload your script to the server, making sure that it is saved within the same directory as form.html.
Script 4 By taking the value of the NAME="Name" element in your HTML form and adding a dollar sign, you create a variable that contains the value of what the user entered in that corresponding form field. This is true whether the HTML input type is TEXT, TEXTAREA, or a SELECT menu and is one of the reasons why PHP is so great for handling HTML forms (compared to, say, CGI scripts, which require parsing code).
Figure 4 This is another application of the print statement, but it does constitute your first dynamically generated Web page. Refer to the book on how to manipulate the data received as well as how to send it in an e-mail or enter it into a database.
The point of this exercise is to demonstrate how easily you can transfer data from an HTML form to a PHP page. The PHP script will store the data in corresponding variables, so $FirstName takes on the value of what the user inputted into the field labeled FirstName (you take the name of the field in the HTML, add a dollar sign, and then you have the variable with the corresponding value). The transfer is automatic and, unlike CGI scripts, no parsing is necessary.
Another benefit to using PHP to handle HTML forms is that data is automatically escaped in transit. For example, if I thought "form.html" was too simple! was entered as the comment, the $Comments variable will be equal to I thought \"form.html\" was too simple! so that it may be printed without complication (Figure 5).
If you wanted to pass a preset value along to your script, use the HIDDEN type of input within your HTML form. For example, the line
<INPUT TYPE=HIDDEN NAME="ThisPage" VALUE="form.html">
inserted between the FORM tags would create a variable in your handling script called $ThisPage with the value of "form.html". Similarly, by telling PHP to
print ("<INPUT TYPE= HIDDEN NAME=\"FirstName\" VALUE=\"$FirstName\">");
you can extend the life of the $FirstName variable by passing its value along.
Although you can have the same file both display a form and handle the form's output using PHP, it does make your scripts unnecessarily complicated and difficult to debug. In the interest of simplicity, we will use a separate file, aptly named HandleForm.php.
Figure 5 PHP will automatically escape special characters entered into HTML. This is helpful when sending data back to the browser (as in this example where the quotation marks would interfere with the print() statement if not for being escaped) and when entering it into databases.