How to use sessions in PHP

In this previous lesson we styled a basic HTML form using Bootstrap.

We will now look at how we process the data from the form.

We finished the previous lesson with this HTML code:

<!DOCTYPE html>
<html lang="en">
   <head>
    <title>Bootstrap Form Example</title>
      <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
   </head>
   <body>
      <form>
         <div class="form-group">
            <label for="name">Name</label>
            <input type="text" class="form-control" id="name" placeholder="Name">
         </div>
         <div class="form-group">
            <label for="email">Email</label>
            <input type="email" class="form-control" id="email" placeholder="Email">
         </div>
         <div class="form-group">
            <label for="password">Password</label>
            <input type="password" class="form-control" id="password" placeholder="Password">
         </div>
         <button type="submit" class="btn btn-default">Submit</button>
      </form>
   </body>
</html>

STEP 1

The first thing we need to do is provide an action and a method for our form. 

Line 8: we are sending the form to a processing script called 'processForm.php' with a 'post' method.

<!DOCTYPE html>
<html lang="en">
   <head>
      <title>Bootstrap Form Example</title>
      <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
   </head>
   <body>
      <form action="processForm.php" method="post">
         <div class="form-group">
            <label for="name">Name</label>
            <input type="text" class="form-control" id="name" placeholder="Name">
         </div>
         <div class="form-group">
            <label for="email">Email</label>
            <input type="email" class="form-control" id="email" placeholder="Email">
         </div>
         <div class="form-group">
            <label for="password">Password</label>
            <input type="password" class="form-control" id="password" placeholder="Password">
         </div>
         <button type="submit" class="btn btn-default">Submit</button>
      </form>
   </body>
</html>

STEP 2

Now let us take a look at the processing script.

First of all, we do not want this script to run unless data has been posted to the form.

<?php

if(!empty($_POST)){
   
}

There are other functions we could use such as isset().

The exclamation mark means NOT. So, line 3 literally means: if the post is not empty.

STEP 3

Next, if the 3 fields were required, we can check if each of the 3 inputs contain data.

<?php

if(!empty($_POST)){
   if(!empty($_POST['name']) && !empty($_POST['email']) && !empty($_POST['password'])){
      
   }
}

Again, there are other ways we could handle this data. It is up to the developer to select an appropriate method and ensure that data validation is carried out.

For example, we could have taken each of the data values in turn and built up an error message e.g. The 'name' field is required.

STEP 4

So far we know that we have values in each of the 3 fields.

We can now assign the values to variables:

<?php

if(!empty($_POST)){
   if(!empty($_POST['name']) && !empty($_POST['email']) && !empty($_POST['password'])){
      $name = $_POST['name'];
      $email = $_POST['email'];
      $password = $_POST['password'];
   }
}

WARNING: we have NOT added any data validation or sanitization and we are accepting raw data from the user up to this point. Not a good idea! It is up to the developer to validate and sanitize the user input. This may vary depending on required usage. For example, some developers use comprehensive REGEX checks while others prefer the PHP functions such as filter_var. You will probably need to consider trimming white space too.

STEP 5

We can now perform some actions on the data such as inserting into a database.

<?php

if(!empty($_POST)){
   if(!empty($_POST['name']) && !empty($_POST['email']) && !empty($_POST['password'])){
      $name = $_POST['name'];
      $email = $_POST['email'];
      $password = $_POST['password'];
      
      //perform some operations on the data AFTER ensuring it is sanitized
      
   }
}

Want to Learn More?

Become a member and get access to the member only area of this site here.

Comments

Your email address will not be published.

User Avatar

Many thanks for a great article

by John G, 22-Dec-2015

User Avatar

You are very welcome, John

by Patrick Morrow, 22-Dec-2015

PHP for Beginners

Enrol in the full course here

PHP, MySQL and PDO

Coming soon, a full course on using PHP, MySQL and PDO. Be notified as soon as the course goes live.