Reputation: 6251
What is the best way of checking whether or not a form has been submitted to determine whether I should pass the form's variables to my validation class?
First I thought maybe:
isset($_POST)
But that will always return true as a superglobal is defined everywhere. I don't want to have to iterate through each element of my form with:
if(isset($_POST['element1']) || isset($_POST['element2']) || isset(...etc
Whilst writing this question I thought of a much more basic solution, add a hidden field to act as a flag that I can check.
Is there a 'cleaner' way to do it than adding my own flag?
Upvotes: 147
Views: 368742
Reputation: 447
You can check it by
if ($_SERVER['REQUEST_METHOD'] == 'POST')
It is assumed and highly recommended to handle form in POST method instead of GET.
It is recommended to keep the form handler and form HTML page different and redirect to the HTML page from the handler, so the user doesn't submit the form twice.
Add a token to the form to prevent spam.
Upvotes: 0
Reputation: 17715
For general check if there was a POST
action use:
if ($_POST)
EDIT: As stated in the comments, this method won't work for in some cases (e.g. with check boxes and button without a name). You really should use:
if ($_SERVER['REQUEST_METHOD'] == 'POST')
Upvotes: 247
Reputation: 21
On a different note, it is also always a good practice to add a token to your form and verify it to check if the data was not sent from outside. Here are the steps:
Generate a unique token (you can use hash) Ex:
$token = hash (string $algo , string $data [, bool $raw_output = FALSE ] );
Assign this token to a session variable. Ex:
$_SESSION['form_token'] = $token;
Add a hidden input to submit the token. Ex:
input type="hidden" name="token" value="{$token}"
then as part of your validation, check if the submitted token matches the session var.
Ex: if ( $_POST['token'] === $_SESSION['form_token'] ) ....
Upvotes: 2
Reputation: 21
I had the same problem - also make sure you add name=""
in the input button. Well, that fix worked for me.
if($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST['add'])){
echo "stuff is happening now";
}
<input type="submit" name="add" value="Submit">
Upvotes: 2
Reputation: 1623
Actually, the submit button already performs this function.
Try in the FORM:
<form method="post">
<input type="submit" name="treasure" value="go!">
</form>
Then in the PHP handler:
if (isset($_POST['treasure'])){
echo "treasure will be set if the form has been submitted (to TRUE, I believe)";
}
Upvotes: 77
Reputation: 8187
Try this
<form action="" method="POST" id="formaddtask">
Add Task: <input type="text"name="newtaskname" />
<input type="submit" value="Submit"/>
</form>
//Check if the form is submitted
if($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST['newtaskname'])){
}
Upvotes: 14