Home > Article > Backend Development > How to handle form data in PHP
With the continuous development of the Internet, forms have become an indispensable part of web development. Forms allow users to enter data that needs to be submitted, thereby enabling interaction with the server. In PHP, processing form data is very convenient. This article will introduce how to process form data in PHP.
1. Get form data
When the user submits the form, PHP can obtain the data submitted by the form through the $_POST or $_GET variable. Among them, the $_POST variable is used to obtain form data submitted by POST, and the $_GET variable is used to obtain form data submitted by GET. The following are two ways to obtain form data:
(1) Obtain form data through the $_POST variable
First you need to understand the basic form code, as follows:
< ;form action="result.php" method="post">
<input type="text" name="username"> <input type="submit" name="submit" value="Submit">
f5a47148e367a6035fd7a2faa965022e
In the form, the name attribute of the input tag is used to submit the form to The server transmits the data. Here is a sample code to get form data using $_POST:
$username = $_POST["username"];
Here, we used $_POST["username"] to get the form data from Get the content of the input box named "username" from the submitted form data, and then assign it to the $username variable.
(2) Obtain the form data through the $_GET variable
If you use the GET method to submit the form, you can obtain the form data through the $_GET variable. Usage is similar to above, just replace $_POST with $_GET.
2. Securely handle form data
When processing form data, security is crucial. The following are some methods for safely processing form data:
(1) htmlspecialchars() function
The htmlspecialchars() function can convert some special characters into HTML entities, thus preventing script injection. Using this function, you can convert special characters in user-submitted form data into HTML entities, such as < to <.
$username = htmlspecialchars($_POST["username"]);
(2) strip_tags() function
You can also perform the strip_tags() function on user form data Processing, this function removes all markup from the form data, leaving only plain text.
$username = strip_tags($_POST["username"]);
(3) trim() function
trim() function is used to remove form data Spaces and other whitespace characters. This prevents users from accidentally entering extra spaces and other whitespace characters.
$username = trim($_POST["username"]);
3. Verify form data
After obtaining and processing the form data, verification needs to be performed to Ensure data validity. The following are some methods of form data verification:
(1) empty() function
The empty() function can determine whether the form data is empty, but it also returns true for 0 and false. So use !== in this case.
if(!empty($_POST["username"])){
// 表单数据不为空
}
(2) filter_var() function
filter_var( ) function can verify whether the form data conforms to the specified format. For example, you can use the filter_var() function to verify that an email address is valid.
$email = filter_var($_POST["email"], FILTER_VALIDATE_EMAIL);
if($email){
// 电子邮件地址有效
} else {
// 电子邮件地址无效
}
(3) preg_match() function
Use the preg_match() function to verify form data using regular expressions. For example, the following code will verify that the username is valid:
if(preg_match("/^[a-zA-Z0-9] $/", $_POST["username"])){
// 用户名有效
} else {
// Invalid user name
}
Summary:
PHP provides many ways to obtain, process, and verify form data. When processing forms, you need to pay attention to security and avoid script injection. At the same time, validation is also very important for most form applications. By using these techniques appropriately, you can make your forms applications more robust and secure.
The above is the detailed content of How to handle form data in PHP. For more information, please follow other related articles on the PHP Chinese website!