In many applications, you will need to retrieve user-entered data from a form of some sort. Here are a couple methods for doing so with PHP.
You are building a website for volunteers to sign up with a name and email for a project. You have a simple form where users enter their names and email addresses. What happens when they click submit on this form? Nothing happens if you use plain old HTML. HTML cannot do anything in itself. We need to make this work with the power of PHP.
Retrieving input from an HTML form is a basic PHP skill that everyone needs to know since a huge portion of any web application deals with forms in one way or another (e.g., login forms, registration forms, settings forms, email forms, etc.).
$_GET and $_POST
We have two pre-defined variables in PHP which are used to get data from an HTML form. These are $_GET and $_POST. You may have seen these in an HTML form. The opening form tag will have an attribute called “get” or “post.” Note the following example:
<form action="process.php" method="get">
In this HTML form element, we give it a method attribute of GET. This means, in order to retrieve data from this form, we must use the $_GET variable in PHP. On the other hand, if we use method=”post,” we would have to use the $_POST variable. What is the difference? How do we actually get the data?
$_GET
To use the GET method, we would set up our form like the example below with the “get” set as the method attribute.
<form action="process.php" method="get">
Name: <input type="text" name="fName">
Number: <input type="text" name="number">
<input type="submit">
</form>
Notice we gave each form field a name attribute. This is necessary as we need to be able to target each field. We also give each form field a meaningful name. Now, when the user clicks submit, what happens?
The action attribute specifies another file on your server where the form data is sent. Therefore, the actual PHP part is not run on the same page as the form (though it can be). Typically, it is run on another file. In the case above, when the user clicks submit, the form’s data is sent to the file process.php.
On the process.php file, we would have the following code:
<?php
$name = $_GET["fName"];
$number = $_GET["number"];
echo "Hello $name , your number is $number";
?>
You will see I create two new variables to store the values from my form ($name and $number). We set these variables equal to whatever is in the form field that has the name “fName” and “number.”
$_GET["fName"];
$_GET["number"];
Thus, we take the values from our form that was just completed from the fields specified by our $_GET variable and put them in two new variables. Then, we echo out the variables we created to the user to display a message on the action page.
My HTML form page:
Then, when I click submit, (notice the url):
This is the difference between GET and POST. With the GET method, our variables are appended to the URL of the processing page. Imagine if you were getting a password field from a user, and it was displayed in the url. That is why using GET to retrieve sensitive user information is generally not a good idea. That is also why you should look at POST for sending sensitive information (e.g., user passwords, emails, etc.).
$_POST
We use the POST variable the same exact way as the GET. The only difference is our information is hidden from the user, not displayed in the url. We also will have no limits on the amount of data you can send (for very big forms).
To change your method in the form to POST, use the following:
<form action="process.php" method="post">
Name: <input type="text" name="fName">
Number: <input type="text" name="number">
<input type="submit">
</form>
To change the variables in the process.php page to POST, use the following:
<?php
$name = $_POST["fName"];
$number = $_POST["number"];
echo "Hello $name , your number is $number";
?>
Using $post, when you click submit, your variables do not show up in the url: