The basic form in Example 7-1 can be made more flexible by putting the display code and the processing code in separate functions. Example 7-6 is a version of Example 7-1 with functions.
Example 7-6. Saying “Hello” with functions
// Logic to do the right thing based on
// the request method
if ($_SERVER[‘REQUEST_METHOD’] == ‘POST’) {
process_form();
} else {
show_form();
}
// Do something when the form is submitted
function process_form() {
print “Hello, “. $_POST[‘my_name’];
}
// Display the form function show_form() {
print<<<_HTML_
form method=”POST” action=”$_SERVER[PHP_SELF]”>
Your name: <input type=”text” name=”my_name”>
<br/>
<input type=”submit” value=”Say Hello”>
</form>
_HTML_;
}
To change the form or what happens when it’s submitted, change the body of process_form() or show_form().
Breaking up the form processing and display into functions also makes it easy to add a data validation stage. Data validation, covered in detail in “Validating Data” on page 129, is an essential part of any web application that accepts input from a form. Data should be validated after a form is submitted, but before it is processed. Example 7-7 adds a validation function to Example 7-6.
Example 7-7. Validating form data
// Logic to do the right thing based on
// the request method
if ($_SERVER[‘REQUEST_METHOD’] == ‘POST’) {
if (validate_fom()) {
process_form();
} else {
show_form();
}
} else {
show_form();
}
// Do something when the form is submitted
function process_form() {
print “Hello, “. $_POST[‘my_name’];
}
// Display the form
function show_form() {
print<<<_HTML_
form method=”POST” action=”$_SERVER[PHP_SELF]”>
Your name: <input type=”text” name=”my_name”>
<br/>
<input type=”submit” value=”Say Hello”>
</form>
_HTML_;
}
// Check the form data
function validate_form() {
// Is my_name at least 3 characters long?
if (strlen($_POST[‘my_name’]) < ) {
return false;
} else {
return true;
}
}
The validate_form() function in Example 7-7 returns false if $_POST[‘my_name’] is less than three characters long, and returns true otherwise. At the top of the page, validate_form() is called when the form is submitted. If it returns true, then process_form() is called. Otherwise, show_form() is called. This means that if you submit the form with a name that’s at least three characters long, such as Bob or Bartholomew, the same thing happens as in previous examples: a Hello, Bob or Hello, Bartholomew message is displayed. If you submit a short name such as BJ or leave the text box blank, then validate_form() returns false and process_form() is never called. Instead show_form() is called and the form is redisplayed.
Example 7-7 doesn’t tell you what’s wrong if you enter a name that doesn’t pass the test in validate_fom(). Ideally, when someone submits data that fails a validation test, you should explain the error when you redisplay the form and, if appropriate, redisplay the value entered inside the appropriate form element. The following section shows you how to display error messages, and “Displaying Default Values” on page 142 explains how to safely redisplay user-entered values.
Source: Sklar David (2016), Learning PHP: A Gentle Introduction to the Web’s Most Popular Language, O’Reilly Media; 1st edition.