A PHP Application: The Wedding Gift Registry - Learning MySQL

Databases Reference

In-Depth Information

When the user types in information and clicks the Submit button, the form passes the

data to the script specified in the form action attribute; in our example, the data is sent

to the script process.php .

Our form has three input fields: username , password , and submit . Since the form submits

the data using the POST method, we can look inside the $_POST superglobal array in

process.php to access the corresponding values as $_POST["username"] ,

$_POST["password"] , and $_POST["submit"] . The data from the submit field will just be

Log In (as specified in the form), and this field isn't very useful; however, it's important

to know that it exists.

Using One Script for the Form and for Processing

It's common to use a single PHP script to both generate the HTML form and to receive

the submitted form data. When the user submits the form, the browser sends the user

data along with the request. The script can decide what to do by checking for the user

data: if there's no user data, it generates and sends the HTML login form; if there is

some user data, it processes it. We can use the count( ) function to count the number

of entries in the $_POST array. If the count is nonzero, we know that some data has been

submitted using the POST method:

// If the number of elements in the $_POST array is nonzero...

if(count($_POST))

{

// Process form data

}

// otherwise...

else

{

// Generate HTML form

}

?>

We can improve this code a bit. If a user clicks the Submit button without typing in a

username or password, the $_POST array will still contain one item: the data from the

Submit button itself ( $_POST["submit"] ). We can try to read the username and password

from the $_POST array; if the form has not been submitted, this array will be uninitialized,

and so the username and password entries will be empty. The username and password

can also be left blank by the user. In either case, our script will detect an empty username

or password, and will show the form. If the username and password aren't empty, the

script will process the data and try to log the user in to the application:

// Pre-process the authentication data from the form for security

// and assign the username and password to local variables

if(count($_POST))

{

$username = clean($_POST["username"], 30);

$password = clean($_POST["password"], 30);

}

Learning MySQL

Search WWH ::

Custom Search

Home