====== posting forms ======
When posting a web form, various things can occur that are non-standard or unexpected.
===== user presses enter in a text box and the form submits =====
Actually, the first submit-able object on the form is activated. Use scripting to disable the form: add onsubmit="return false;" to the FORM tag attributes. Then when the user clicks the actual submit button, you use scripting to clear the form onsubmit value, and call form submit(). This way, users who have scripting enabled will have a form that works well by nothing happening when enter is pressed in a form field, and users with scripting disabled will only suffer the problem of having the first submit-able object activated.
Also, be careful checking for the submit array key in $_POST because IE will not send it unless the user actually clicks the submit button, or presses enter on the button. If the user presses enter in a text field, the 'submit' key will not be set in the $_POST array.
===== upload a file =====
To allow a file to be uploaded in a form, you need to add the **enctype** attribute, and provide a input of type "file". Remember that php has a limit on the maximum file size that can be uploaded.
It is common to test for this to determine if a form was posted:
if( $_POST ){
// do something
}
However, if the only thing in your form was a file input and a submit button, then the post array may be empty. You should test for the files array instead:
if( $_FILES ){
// do something
}
===== handling max file size during uploads =====
It is advisable to handle file sizes during uploads. The easiest way to do this is to find out how large the file can be for uploads from apache and/or a php info page. Then you add this element to the form:
Once the form is posted, you can check for errors like this:
if( $_POST ){
if( isset($_FILES['datafile']) ){
if( $_FILES['datafile']['error'] === UPLOAD_ERR_OK ){
// process the uploaded file
}else{
// there was an error
}
}
}
You can run a switch/case block if you prefer, and handle each error code differently. See this page for more information about the file upload error codes:
* http://www.php.net/manual/en/features.file-upload.errors.php
===== multi select as an array =====
To have the selections of a select element become an array when the form is posted, use [] in the variable name.
===== form variables as an automatically keyed array =====
* http://us.php.net/manual/en/reserved.variables.post.php
One feature of PHP's processing of POST and GET variables is that it automatically decodes indexed form variable names.
I've seem innumerable projects that jump through extra & un-needed processing hoops to decode variables when PHP does it all for you:
Example pseudo code:
Many web sites do this:
When they could do this:
With the first example you'd have to do string parsing / regexes to get the correct values out so they can be married with other data in your app... whereas with the second example.. you will end up with something like:
array('first_name'=>'john','last_name'=>'smith'),
1 => array('first_name'=>'jane','last_name'=>'jones'),
)
?>
This is invaluable when you want to link various posted form data to other hashes on the server side, when you need to store posted data in separate "compartment" arrays or when you want to link your POSTed data into different record handlers in various Frameworks.
Remember also that using [] as in index will cause a sequential numeric array to be created once the data is posted, so sometimes it's better to define your indexes explicitly.