The Essential Guide to Dreamweaver CS3 with CSS, Ajax, and PHP
By: David Powers
$29.99
Beginning PHP and MySQL 5: From Novice to Professional, Second Edition
By: W. Jason Gilmore
$26.99
Pro Drupal Development
By: John K. VanDyk, Matt Westgate
$29.69
Programming PHP
By: Rasmus Lerdorf, Kevin Tatroe, Peter MacIntyre
$26.39
Introduction
In the last part, I showed you how to use PHP to send e-mail messages using a script. In this part I will continue this and also show you how to use PHP and forms together to make your PHP scripts useful.
Setting Up Your Form
Setting up a form for use with a PHP script is exactly the same as normal in HTML. As this is a PHP tutorial I will not go into depth in how to write your form but I will show you three of the main pieces of code you must know:
Will display a text input box with Your Name written in it as default. The value section of this code is optional. The information defined by name will be the name of this text box and should be unique.
Will display a large scrolling text box with the text 'Please write your message here.' as default. Again, the name is defined and should be unique.
This will create a submit button for your form. You can change what it says on the button by changing the button's value.
All the elements for your form must be enclosed in the tags. They are used as follows:
The form's action tells it what script to send its data to (in this case its process.php). This can also be a full URL (e.g. http://www.mysite.com/scripts/private/processors/process.php). The method tells the form how to submit its data. POST will send the data in a data stream to the script when it is requested. GET is the other option. GET will send the form data in the form of the url so it would appear after a question mark e.g. http://www.mysite.com/process.php?name=david
It really makes no difference which system you use but it is normally better to use POST if you are using passwords or sensitive information as they should not be shown in the browser's address bar.
Getting The Form Information
The next step is to get the data the form has submitted into your script so that you can do something with it. This is. There are basically two different methods of getting the data into PHP, which depend on how they were submitted. There are two submission methods, GET and POST, which can both be used by forms. The difference between the two is that using GET, the variables and data will be shown in the page address, but using POST it is invisible. The benefit of GET, though is that you can submit information to the script without a form, by simply editing the URL.
This works the same as submitting a form using GET. The advantage of this is that you can create links to your scripts which do different things depending on the link clicked. For example you could create a script which will show different pages depending on the link clicked:
yourpage.php?user=david
could show David's page and:
yourpage.php?user=tom
could show Tom's page, using the same script.
It is also possible to pass more than one piece of information to the script using this system by separating them with the & symbol:
yourpage.php?user=david&referrer=gowansnet&area=6
These could all be accessed separately using the GET variables user, referrer and area.
To get a variable which has been sent to a script using the POST method you use the following code:
$variablename=$_POST['variable'];
which basically takes the variable from the POST (the name of a form field) and assigns it to the variable $variablename.
Similarly, if you are using the GET method you should use the form:
$variablename=$_GET['variable'];
This should be done for each variable you wish to use from your form (or URL).
Creating The Form To Mail Script
To finish off this section, I will show you how to use what you have learnt in this part and the last to create a system which will e-mail a user's comments to you.
Firstly, create this form for your HTML page:
This will make a simple form where the user can enter their e-mail address, their name and their comments. You can, of course, add extra parts to this form but remember to update the script too. Now create the PHP script:
function checkOK($field)
{
if (eregi("\r",$field) || eregi("\n",$field)){
die("Invalid Input!");
}
}
$name=$_POST['name'];
checkOK($name);
$email=$_POST['email'];
checkOK($email);
$comments=$_POST['comments'];
checkOK($comments);
$to="php@gowansnet.com";
$message="$name just filled in your comments form. They said:\n$comments\n\nTheir e-mail address was: $email";
if(mail($to,"Comments From Your Site",$message,"From: $email\n")) {
echo "Thanks for your comments.";
} else {
echo "There was a problem sending the mail. Please check that you filled in the form correctly.";
}
?>
Remember to replace php@gowansnet.com with your own e-mail address. This script should be saved as mail.php and both should be uploaded. Now, all you need to do is to fill in your comments form.
The first part of that script may look a bit strange:
function checkOK($field)
{
if (eregi("\r",$field) || eregi("\n",$field)){
die("Invalid Input!");
}
}
You don't really need to worry about what this is doing, but basically, it stops spammers from using your form to send thier spam messages by checking special characters are not present in the input which can be used to trick the computer into sending messages to other addresses. It is a fuction which checks for these characters, and if they are found, stops running the script.
The lines:
checkOK($name);
etc. run this check on each input to ensure it is valid.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment