In the last part of php tutorial, we showed you how to use PHP to send e-mail messages using a script. In this part we will continue this and also show you how to use PHP and forms together to make your PHP scripts useful and attractive.

Setting Up Your Form

Setting up a form for use with a PHP script is exactly the same as normal in HTML. As this is a PHP tutorial we will not go into depth in how to write your form but we will show you three of the main pieces of code you must know:

<input type="text" name="thebox" value="Your Name">

We will display a text input box with Your Name written in it as default. The value section of this code is optional. The information defined by name will be the name of this text box and should be unique field.

<textarea name="message">
Please write your message here.
</textarea>

Now we display a large scrolling text box with the text 'Please write your message here.' as default text. Again, the name is defined and should be unique.

<input type="submit" value="Submit">

This will create a submit button for your application form. You can change what it says on the button by changing the form button's value.

All the elements for your form must be enclosed in the <form> tags. They are used as follows:

<form action="process.php" method="post">
Form elements and formatting etc.
</form>

The submission form's action tells that what script to send its data (in this case its process.php). This can also be a full URL (e.g. http://www.mysite.com/scripts/private/processors/process.php). The method tells the form how to submit its data entity. POST will send the data in a data stream to the script when it is requested. GET is the other option. GET will send the form data in the form of the url so it would appear after a question mark e.g. http://www.mysite.com/process.php?name=david

So it makes no difference which system you use but it is normally better to use POST if you are using passwords or sensitive information as they should not be shown in the browser's address bar field.

Getting The Form Information:

The next step used here is to get the data the form has submitted into your php script so that you can do something with it. There are basically two different methods of getting the data into PHP, which depend on how they were submitted. There are two submission methods, GET and POST, which can both be used by forms. The difference between the two is that using GET, the variables and data will be shown in the page address, but using POST it is invisible. The benefit of GET, though is that you can submit information to the script without a form, by simply editing the URL.

To works the same as submitting a form using GET method. The advantage of this is that you can create links to your scripts which do different things depending on the link clicked. For example you could create a script which will show different pages depending on the link clicked:

yourpage.php?user=david
could show David's page and:
yourpage.php?user=tom
could show Tom's page, using the same script.

It is also possible to pass more than one piece of information system to the scripting language using this system by separating them with the & symbol:

yourpage.php?user=david&referrer=gowansnet&area=6

These could all be accessed separately using the GET variables user, referrer and area.

To get a variable which has been sent to a php script using the POST method you use the following code:
$variablename=$_POST['variable'];
which basically takes the variable from the POST (the name of a form field) and assigns it to the variable $variablename.

Similarly, if you are using the GET method you should use the form:
$variablename=$_GET['variable'];

This could be done for each variable you wish to use from your form (or URL) submission.

Creating The Form To Mail Script:

To finish off this section, we will show you how to use what you have learnt in this part and the last part to create a system which will e-mail a user's comments to you.

Firstly, create this form for your HTML page:

<form action="mail.php" method="post">
Your Name: <input type="text" name="name"><br>
E-mail: <input type="text" name = "email"><br><br>
Comments<br>
<textarea name="comments"></textarea><br><br>
<input type="submit" value="Submit">
</form>

It will makes a simple form where the user can enter their e-mail address, their name and their comments to post. You can, of course, add extra parts to this form but remember to update the script too. Now we will create the PHP script:

<?
function checkOK($field)
{
if (eregi("\r",$field) || eregi("\n",$field)){
die("Invalid Input!");
}
}

$name=$_POST['name'];
checkOK($name);
$email=$_POST['email'];
checkOK($email);
$comments=$_POST['comments'];
checkOK($comments);
$to="php@gowansnet.com";
$message="$name just filled in your comments form. They said:\n$comments\n\nTheir e-mail address was: $email";
if(mail($to,"Comments From Your Site",$message,"From: $email\n")) {
echo "Thanks for your comments.";
} else {
echo "There was a problem sending the mail. Please check that you filled in the form correctly.";
}
?>

You have to remember to replace php@gowansnet.com with your own e-mail address. This script should be saved as mail.php and both should be uploaded. Now, all you need to do is to fill in your comments form.

The first part of this script may look a bit strange:

function checkOK($field)
{
if (eregi("\r",$field) || eregi("\n",$field)){
die("Invalid Input!");
}
}

You don't really need to worry about what this is doing, but basically, it stops spammers from using your form to send thier spam messages by checking that the special characters are not present in the input field which can be used to trick the computer into sending messages to other addresses. It is a function which checks for these characters, and if they are found, stops running the php script.

The lines:

checkOK($name);

etc. run this check OK on each input field to ensure it as a valid field.