0

How do you capture submitted values from a form and displayed them back on the page in the form fields using PHP? I have already created the form which is as follows:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
 <title>Order Form</title>
 <meta http-equiv="content-type" content="text/html;charset=UTF-8" />
</head>
<body>
<form name="orderform" method="get" action="ProcessOrder.php">
<p>Name<br/>
<input type="text" name="name" size="50" /><br/>
<p>Address<br/>
<input type="text" name="address" size="50" /><br/>
<p>City<br/>
<input type="text" name="city" size="50" /><br/>
<p>Province<br/>
<input type="text" name="province" size="2" /><br/>
<p>Postal Code<br/>
<input type="text" name="postalcode" size="6" /><br/>
<p>Email<br/>
<input type="reset"/>
<input type="submit"/><p>
</form>
</body>
</html>

Edit: If I wanted to use a php file to get the values and display them for each field would that work? For example: 

<?php 
 <input type="text" name="name" size="50" value="isset($_GET["name"]) ? htmlspecialchars($_GET["name"]) : ""; ?>" /><br/>
?>
asked Nov 18, 2009 at 4:13

4 Answers 4

3

For each field, do something like this:

<input type="text" name="name" size="50" value="<?php print isset($_GET["name"]) ? htmlspecialchars($_GET["name"]) : ""; ?>" /><br/>
answered Nov 18, 2009 at 4:15
Sign up to request clarification or add additional context in comments.

1 Comment

You want the isset() and the htmlspecialchars() which the other examples don't have.
1

I usually use something like this for simple forms/sites without a framework.

$name = isset($_GET['name']) ? trim($_GET['name']) : "";
$address = isset($_GET['address']) ? trim($_GET['address']) : "";
$city = isset($_GET['city']) ? trim($_GET['city']) : "";
$province = isset($_GET['province']) ? trim($_GET['province']) : "";
$postalcode = isset($_GET['postalcode']) ? trim($_GET['postalcode']) : "";
...
<p>Name<br/>
<input type="text" name="name" size="50" value="<?= htmlspecialchars($name); ?>" /><br/>
<p>Address<br/>
<input type="text" name="address" size="50" value="<?= htmlspecialchars($address); ?>" /><br/>
<p>City<br/>
<input type="text" name="city" size="50" value="<?= htmlspecialchars($city); ?>" /><br/>
<p>Province<br/>
<input type="text" name="province" size="2" value="<?= htmlspecialchars($province); ?>" /><br/>
<p>Postal Code<br/>
<input type="text" name="postalcode" size="6" value="<?= htmlspecialchars($postalcode); ?>" />

This allows you to set default values if you need to, or you can just leave them blank.

Or you can do the following*

$fields = array(
 'name' => '', 
 'address' => '', 
 'city' => '', 
 'provice' => 'Quebec', 
 'postalcode' => ''
);
foreach ( $fields as $field => $default ) {
 $$field = isset($_GET[$field]) ? trim($_GET[$field]) : $default;
}

And the HTML remains the same.

* No, I didn't test this.

answered Nov 18, 2009 at 4:23

Comments

0

The PHP manual has a great tutorial on how to work with forms in PHP

<form action="action.php" method="post">
 <p>Your name: <input type="text" name="name" /></p>
 <p>Your age: <input type="text" name="age" /></p>
 <p><input type="submit" /></p>
</form>

Hi <?php echo htmlspecialchars($_POST['name']); ?>.
You are <?php echo (int)$_POST['age']; ?> years old.

A sample output of this script may be:

Hi Joe. You are 22 years old.

answered Nov 18, 2009 at 4:17

Comments

0

Revised:

 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
 <title>Order Form</title>
 <meta http-equiv="content-type" content="text/html;charset=UTF-8" />
</head>
<body>
<form name="orderform" method="get" action="ProcessOrder.php">
<p>Name<br/>
<input type="text" name="name" size="50" value="<?php echo(htmlspecialchars ($_GET['name'])); ?>/><br/>
<p>Address<br/>
<input type="text" name="address" size="50"value="<?php echo(htmlspecialchars ($_GET['address'])); ?> /><br/>
<p>City<br/>
<input type="text" name="city" size="50" value="<?php echo(htmlspecialchars ($_GET['city'])); ?>/><br/>
<p>Province<br/>
<input type="text" name="province" size="2" value="<?php echo(htmlspecialchars ($_GET['province'])); ?>/><br/>
<p>Postal Code<br/>
<input type="text" name="postalcode" size="6" value="<?php echo(htmlspecialchars ($_GET['postalcode'])); ?>/><br/>
<p>Email<br/>
<input type="reset"/>
<input type="submit"/><p>
</form>
</body>
</html>

EDIT: Sorry realized you were using GET not POST.

answered Nov 18, 2009 at 4:14

3 Comments

1) The form is GET, not POST; 2) XSS vunerabilities are present; 3) Will cause a (notice, error, warning? not sure which one).
Don't forget to sanitize your input. Also this isn't allowed on file upload elements.
had already noticed the GET before your comment! updated for xss. was just trying to show him a quick example, but agree that should be part of the solution.

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.