Previous Section  < Day Day Up >  Next Section

6.3 Form Processing with Functions

The basic form in Example 6-1 can be made more flexible by putting the display code and the processing code in separate functions. Example 6-6 is a version of Example 6-1 with functions.

Example 6-6. Saying "Hello" with functions
// Logic to do the right thing based on 

// the submitted form parameters

if (array_key_exists('my_name',$_POST) {

    process_form( );

} else {

    show_form( );

}



// Do something when the form is submitted

function process_form( ) {

    print "Hello, ". $_POST['my_name'];

}



// Display the form

function show_form( ) {

    print<<<_HTML_

<form method="POST" action="$_SERVER[PHP_SELF]">

Your name: <input type="text" name="my_name">

<br/>

<input type="submit" value="Say Hello">

</form>

_HTML_;

}

To change the form or what happens when it's submitted, change the body of process_form( ) or show_form( ). These functions make the code a little cleaner, but the logic at the top still depends on some form-specific information: the my_name parameter. We can solve that problem by using a hidden parameter in the form as the test for submission. If the hidden parameter is in $_POST, then we process the form. Otherwise, we display it. In Example 6-7, this strategy is shown using a hidden parameter named _submit_check.

Example 6-7. Using a hidden parameter to indicate form submission
// Logic to do the right thing based on 

// the hidden _submit_check parameter

if ($_POST['_submit_check']) {

    process_form( );

} else {

    show_form( );

}



// Do something when the form is submitted

function process_form( ) {

    print "Hello, ". $_POST['my_name'];

}



// Display the form

function show_form( ) {

    print<<<_HTML_

<form method="POST" action="$_SERVER[PHP_SELF]">

Your name: <input type="text" name="my_name">

<br/>

<input type="submit" value="Say Hello">

<input type="hidden" name="_submit_check" value="1">

</form>

_HTML_;

}

It's OK in this example to take a shortcut and not use array_key_exists( ) in the if( ) statement at the top of the code. The _submit_check form parameter can only have one value: 1. You don't have to worry about it being present in $_POST but having a value that evaluates to false.

In addition to making the main logic of the page independent of any changing form elements, using a hidden parameter as a submission test also ensures that the form is processed when a user clicks "Enter" in their browser to submit it instead of clicking the submit button. When a form is submitted with "Enter," some browsers don't send the name and value of the submit button as part of the submitted form data. A hidden parameter, however, is always included.

Breaking up the form processing and display into functions also makes it easy to add a data validation stage. Data validation, covered in detail in Section 6.4, is an essential part of any web application that accepts input from a form. Data should be validated after a form is submitted, but before it is processed. Example 6-8 adds a validation function to Example 6-7.

Example 6-8. Validating form data
// Logic to do the right thing based on 

// the hidden _submit_check parameter

if ($_POST['_submit_check']) {

    if (validate_form( )) {

        process_form( );

    } else {

        show_form( );

    }

} else {

    show_form( );

}



// Do something when the form is submitted

function process_form( ) {

    print "Hello, ". $_POST['my_name'];

}



// Display the form

function show_form( ) {

    print<<<_HTML_

<form method="POST" action="$_SERVER[PHP_SELF]">

Your name: <input type="text" name="my_name">

<br/>

<input type="submit" value="Say Hello">

<input type="hidden" name="_submit_check" value="1">

</form>

_HTML_;

}



// Check the form data

function validate_form( ) {

    // Is my_name at least 3 characters long?

    if (strlen($_POST['my_name']) < 3) {

        return false;

    } else {

        return true;

    }

}

The validate_form( ) function in Example 6-8 returns false if $_POST['my_name'] is less than three characters long, and returns true otherwise. At the top of the page, validate_form( ) is called when the form is submitted. If it returns true, then process_form( ) is called. Otherwise, show_form( ) is called. This means that if you submit the form with a name that's at least three characters long, such as Bob or Bartholomew, the same thing happens as in previous examples: a Hello, Bob (or Hello, Bartholomew) message is displayed. If you submit a short name such as BJ or leave the text box blank, then validate_form( ) returns false and process_form( ) is never called. Instead show_form( ) is called and the form is redisplayed.

Example 6-8 doesn't tell you what's wrong if you enter a name that doesn't pass the test in validate_form( ). Ideally, when someone submits data that fails a validation test, you should explain the error when you redisplay the form and, if appropriate, redisplay the value he entered inside the appropriate form element. Section 6.4 shows you how to display error messages, and Section 6.5 explains how to safely redisplay user-entered values.

    Previous Section  < Day Day Up >  Next Section