HTML and CSS Reference
In-Depth Information
ted, regardless of the method. For instance, to echo back (display in the web browser)
the values submitted in the previous form, the following PHP code might be used:
<p>
<?php
if (isset($_REQUEST["name"]) && isset($_REQUEST["age"])){
echo "Name: " . $_REQUEST["name"] . "<br />";
echo "Age: " . $_REQUEST["age"];
}
?>
</p>
Note
This is just a simple example used to display what was submitted; in a produc-
tion environment, form input would need to be screened to ensure no malicious code
was submitted as part of the form field data. For instance, for a form that updated a
database, SQL commands could be entered into the form, and if the server-side script
was not written to filter out commands of this sort, a malicious user could potentially
delete data in the database or worse!
Dissecting the form element
Ignoring the other elements for the moment, the
form
element is quite simple, existing
only as a container with a handful of attributes. In addition to the
method
and
action
attributes shown earlier, the
form
element has the following attributes (as well as the
type
,
name
,
novalidate
, and
target
. One attribute,
accept
, has been tossed to
the obsolete bin in HTML5, while two attributes,
autocomplete
and
novalidate
,
are new. Here's an example of a fully constructed
form
element:
<form
action="handle_form.php"
method="post"
tar-
get="_blank" accept-charset="UTF-8"
enctype="multipart/form-data" autocomplete="off" novalid-
ate>
While this uses all the attributes (excluding the global ones), it is not necessary to
enter all or any attributes, because they are all optional. Typically, at very least the
ac-
tion
and
method
(as in the earlier example) attributes will be specified. In the next
section, we will discuss what each of these attributes do, so you can decide for yourself
which you need.
Search WWH ::
Custom Search