Anonymous
Anonymous

Reputation: 6251

Checking if form has been submitted - PHP

What is the best way of checking whether or not a form has been submitted to determine whether I should pass the form's variables to my validation class?

First I thought maybe:

isset($_POST)

But that will always return true as a superglobal is defined everywhere. I don't want to have to iterate through each element of my form with:

if(isset($_POST['element1']) || isset($_POST['element2']) || isset(...etc

Whilst writing this question I thought of a much more basic solution, add a hidden field to act as a flag that I can check.

Is there a 'cleaner' way to do it than adding my own flag?

Upvotes: 147

Views: 368742

Answers (10)

Shakil Alam
Shakil Alam

Reputation: 447

You can check it by

if ($_SERVER['REQUEST_METHOD'] == 'POST') 

It is assumed and highly recommended to handle form in POST method instead of GET.

It is recommended to keep the form handler and form HTML page different and redirect to the HTML page from the handler, so the user doesn't submit the form twice.

Add a token to the form to prevent spam.

Upvotes: 0

matino
matino

Reputation: 17715

For general check if there was a POST action use:

if ($_POST)

EDIT: As stated in the comments, this method won't work for in some cases (e.g. with check boxes and button without a name). You really should use:

if ($_SERVER['REQUEST_METHOD'] == 'POST')

Upvotes: 247

Professor
Professor

Reputation: 21

On a different note, it is also always a good practice to add a token to your form and verify it to check if the data was not sent from outside. Here are the steps:

  1. Generate a unique token (you can use hash) Ex:

    $token = hash (string $algo , string $data [, bool $raw_output = FALSE ] );
    
  2. Assign this token to a session variable. Ex:

    $_SESSION['form_token'] = $token;
    
  3. Add a hidden input to submit the token. Ex:

    input type="hidden" name="token" value="{$token}"
    
  4. then as part of your validation, check if the submitted token matches the session var.

    Ex: if ( $_POST['token'] === $_SESSION['form_token'] ) ....
    

Upvotes: 2

Jen
Jen

Reputation: 21

I had the same problem - also make sure you add name="" in the input button. Well, that fix worked for me.

if($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST['add'])){
    echo "stuff is happening now";
}

<input type="submit" name="add" value="Submit">

Upvotes: 2

Rikesh
Rikesh

Reputation: 26421

Use

if(isset($_POST['submit'])) // name of your submit button

Upvotes: 38

Tzshand
Tzshand

Reputation: 1623

Actually, the submit button already performs this function.

Try in the FORM:

<form method="post">
<input type="submit" name="treasure" value="go!">
</form>

Then in the PHP handler:

if (isset($_POST['treasure'])){
echo "treasure will be set if the form has been submitted (to TRUE, I believe)";
}

Upvotes: 77

rizon
rizon

Reputation: 8187

Try this

 <form action="" method="POST" id="formaddtask">
      Add Task: <input type="text"name="newtaskname" />
      <input type="submit" value="Submit"/>
 </form>

    //Check if the form is submitted
    if($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST['newtaskname'])){

    }

Upvotes: 14

SW4
SW4

Reputation: 71150

You could also use:

is_array($_POST)

Upvotes: -6

CodeCaster
CodeCaster

Reputation: 151586

if ($_SERVER['REQUEST_METHOD'] == 'POST').

Upvotes: 29

Olaf
Olaf

Reputation: 10247

How about

if($_SERVER['REQUEST_METHOD'] == 'POST')

Upvotes: 182

Related Questions