If you're new to PHP and want to learn how to handle forms and work with session data, this guide is for you. We'll build a simple project where a user can submit a form, save the data in a session, view it, and delete it later. By the end of this tutorial, you'll understand the basics of PHP form handling, validation, sanitization, and sessions.
What is Form Handling in PHP?
Form handling refers to the process of capturing data submitted through an HTML form and processing it in a server-side language like PHP. This includes:
- Fetching the form data: Using methods like GET or POST.
- Validating the data: Ensuring the input meets specific criteria.
- Sanitizing the data: Cleaning the input to prevent security issues like XSS attacks.
- Storing or processing the data: Saving it in sessions, databases, or displaying it back to the user.
What Are Sessions in PHP?
Sessions are a way to store information (variables) across multiple pages for a single user. Unlike cookies, session data is stored on the server, making it more secure. To start using sessions in PHP, we use the session_start() function.
The Project: PHP Form with Session Handling
Our project involves the following features:
- A user fills out a form with personal information.
- The submitted data is validated and sanitized.
- Valid data is stored in a session.
- Users can view or delete the session data.
File Structure
Here's the structure of our project:
project-folder/ │ ├── index.php # Form page ├── submit.php # Form handling and session storage ├── view_session.php # Viewing session data ├── delete_session.php # Deleting session data
Step 1: Creating the Form (index.php)
The index.php file contains a simple HTML form where users can input their details. Here's the code:
<?php session_start(); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>PHP Form with Session Handling</title> </head> <body> <h1>Submit Your Information</h1> <!-- Form Section for User Input --> <form method="get" action="submit.php"> <label for="name">Name:</label><br> <input type="text"> <hr> <h3> Step 2: Handling Form Submission (submit.php) </h3> <p>This file processes the submitted form data, validates it, and stores it in a session. Here's the code:<br> </p> <pre class="brush:php;toolbar:false"><?php session_start(); // Initialize error messages and data variables $error_name = ""; $error_age = ""; $error_email = ""; $error_website = ""; $name = $age = $email = $website = $gender = $comments = $hobbies = ""; // Sanitize and validate the form data if ($_SERVER["REQUEST_METHOD"] == "GET") { // Sanitize inputs $name = htmlspecialchars(trim($_GET['name'])); $age = htmlspecialchars(trim($_GET['age'])); $email = htmlspecialchars(trim($_GET['email'])); $website = htmlspecialchars(trim($_GET['website'])); $gender = isset($_GET['gender']) ? $_GET['gender'] : 'No gender selected.'; $hobbies = isset($_GET['hobbies']) ? $_GET['hobbies'] : ['No hobby selected.']; $comments = htmlspecialchars(trim($_GET['comments'])); // Validation checks if (empty($name)) { $error_name = "Name is required."; } if (empty($age) || !filter_var($age, FILTER_VALIDATE_INT) || $age <= 0) { $error_age = "Valid age is required."; } if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) { $error_email = "Valid email is required."; } if (empty($website) || !filter_var($website, FILTER_VALIDATE_URL)) { $error_website = "Valid website URL is required."; } // If no errors, store data in session if (empty($error_name) && empty($error_age) && empty($error_email) && empty($error_website)) { // Store data in session $_SESSION['name'] = $name; $_SESSION['age'] = $age; $_SESSION['email'] = $email; $_SESSION['website'] = $website; $_SESSION['gender'] = $gender; $_SESSION['hobbies'] = implode(", ", $hobbies); $_SESSION['comments'] = $comments; } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Form Submission Result</title> </head> <body> <h1>Form Submission Result</h1> <!-- Show Errors if any --> <?php if ($error_name) { echo "<p> <hr> <h3> Step 3: Viewing Session Data (view_session.php) </h3> <p>This file displays session data stored on the server.<br> </p> <pre class="brush:php;toolbar:false"><?php session_start(); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>View Session Data</title> </head> <body> <h1>View Stored Session Data</h1> <?php if (isset($_SESSION['name'])) { echo "<p><strong>Name:</strong> " . $_SESSION['name'] . "</p>"; echo "<p><strong>Age:</strong> " . $_SESSION['age'] . "</p>"; echo "<p><strong>Email:</strong> " . $_SESSION['email'] . "</p>"; echo "<p><strong>Website:</strong> <a href='" . $_SESSION['website'] . "' target='_blank'>" . $_SESSION['website'] . "</a></p>"; echo "<p><strong>Gender:</strong> " . $_SESSION['gender'] . "</p>"; echo "<p><strong>Hobbies:</strong> " . $_SESSION['hobbies'] . "</p>"; echo "<p><strong>Comments:</strong> " . $_SESSION['comments'] . "</p>"; } else { echo "<p>No session data found!</p>"; } ?> <br><br> <a href="index.php">Go Back</a> </body> </html>
Step 4: Deleting Session Data (delete_session.php)
This file destroys the session data.
<?php session_start(); session_unset(); // Remove all session variables session_destroy(); // Destroy the session ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Session Deleted</title> </head> <body> <h1>Session Data Deleted</h1> <p>All session data has been deleted successfully.</p> <br><br> <a href="index.php">Go Back</a> </body> </html>
Key Concepts Covered
-
Form Handling:
- Fetching data using the GET method.
- Validating inputs with conditions and filters.
- Sanitizing inputs with htmlspecialchars().
-
Sessions:
- Starting a session with session_start().
- Storing data in
the $_SESSION array.
- Viewing session data.
- Deleting session data using session_unset() and session_destroy().
Conclusion
This project demonstrates the basics of PHP form handling and session management. With these concepts, you can build more complex applications that handle user input securely and efficiently. Experiment with the code, and try extending it by adding features like database integration or more advanced validation.
Happy coding! ?
The above is the detailed content of Beginners Guide to PHP Form Handling with Sessions. For more information, please follow other related articles on the PHP Chinese website!

Hot AI Tools

Undress AI Tool
Undress images for free

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

Notepad++7.3.1
Easy-to-use and free code editor

SublimeText3 Chinese version
Chinese version, very easy to use

Zend Studio 13.0.1
Powerful PHP integrated development environment

Dreamweaver CS6
Visual web development tools

SublimeText3 Mac version
God-level code editing software (SublimeText3)

Hot Topics

To determine the strength of the password, it is necessary to combine regular and logical processing. The basic requirements include: 1. The length is no less than 8 digits; 2. At least containing lowercase letters, uppercase letters, and numbers; 3. Special character restrictions can be added; in terms of advanced aspects, continuous duplication of characters and incremental/decreasing sequences need to be avoided, which requires PHP function detection; at the same time, blacklists should be introduced to filter common weak passwords such as password and 123456; finally it is recommended to combine the zxcvbn library to improve the evaluation accuracy.

Common problems and solutions for PHP variable scope include: 1. The global variable cannot be accessed within the function, and it needs to be passed in using the global keyword or parameter; 2. The static variable is declared with static, and it is only initialized once and the value is maintained between multiple calls; 3. Hyperglobal variables such as $_GET and $_POST can be used directly in any scope, but you need to pay attention to safe filtering; 4. Anonymous functions need to introduce parent scope variables through the use keyword, and when modifying external variables, you need to pass a reference. Mastering these rules can help avoid errors and improve code stability.

To safely handle PHP file uploads, you need to verify the source and type, control the file name and path, set server restrictions, and process media files twice. 1. Verify the upload source to prevent CSRF through token and detect the real MIME type through finfo_file using whitelist control; 2. Rename the file to a random string and determine the extension to store it in a non-Web directory according to the detection type; 3. PHP configuration limits the upload size and temporary directory Nginx/Apache prohibits access to the upload directory; 4. The GD library resaves the pictures to clear potential malicious data.

There are three common methods for PHP comment code: 1. Use // or # to block one line of code, and it is recommended to use //; 2. Use /.../ to wrap code blocks with multiple lines, which cannot be nested but can be crossed; 3. Combination skills comments such as using /if(){}/ to control logic blocks, or to improve efficiency with editor shortcut keys, you should pay attention to closing symbols and avoid nesting when using them.

AgeneratorinPHPisamemory-efficientwaytoiterateoverlargedatasetsbyyieldingvaluesoneatatimeinsteadofreturningthemallatonce.1.Generatorsusetheyieldkeywordtoproducevaluesondemand,reducingmemoryusage.2.Theyareusefulforhandlingbigloops,readinglargefiles,or

The key to writing PHP comments is to clarify the purpose and specifications. Comments should explain "why" rather than "what was done", avoiding redundancy or too simplicity. 1. Use a unified format, such as docblock (/*/) for class and method descriptions to improve readability and tool compatibility; 2. Emphasize the reasons behind the logic, such as why JS jumps need to be output manually; 3. Add an overview description before complex code, describe the process in steps, and help understand the overall idea; 4. Use TODO and FIXME rationally to mark to-do items and problems to facilitate subsequent tracking and collaboration. Good annotations can reduce communication costs and improve code maintenance efficiency.

ToinstallPHPquickly,useXAMPPonWindowsorHomebrewonmacOS.1.OnWindows,downloadandinstallXAMPP,selectcomponents,startApache,andplacefilesinhtdocs.2.Alternatively,manuallyinstallPHPfromphp.netandsetupaserverlikeApache.3.OnmacOS,installHomebrew,thenrun'bre

TolearnPHPeffectively,startbysettingupalocalserverenvironmentusingtoolslikeXAMPPandacodeeditorlikeVSCode.1)InstallXAMPPforApache,MySQL,andPHP.2)Useacodeeditorforsyntaxsupport.3)TestyoursetupwithasimplePHPfile.Next,learnPHPbasicsincludingvariables,ech
