Detecting whether a form has been submitted with PHP

Question

I'm looking for a clean way to handle forms with PHP that does validation and caching of data, but doesn't require mixing PHP with the form HTML. Basically, I want to be able to write a form in pure HTML and intercept that form on it's way to it's destination, process it and either let the data go happily on it's way, or return to the form sending validation errors and the cached results back with it.

This all part of a little framework I'm developing as an aid to learning. My initial plan was to use the Routing object to sniff out GET and POST data, but that data doesn't always indicate the presence of a form.

I've been looking through this list of HTTP Headers but I'm not seeing anything that could help. Although I've never bothered looking at HTTP Headers before so I could easily be missing something.

Or is there some other reliable way of detecting form submissions?

Answer 1

You pretty much have two options:

1. Use ajax.
2. Submit to a middleman.php and redirect to step 2 of the process, or back to the form.

I would recommend ajax to avoid unnecessary page loads. You could do something like:

(assuming use of jQuery here because it is what I know)

$.post("middleman.php", {option1: options}, function(data){
    if (data == 1) window.location = 'step2.html';
    else $("#notificationArea").text("sorry, form incorrect")}, "html");

Then your middleman.php would echo either 1 for a correctly submitted form, or anything else for incorrect.

Also, this javascript notifies the user of incorrectness. You could also echo specific error messages for specific parts of the form that are incorrect. (this also assumes you have a div "notificiationArea" that can hold the noficiation)

Answer 2

There is no generic way to distinguish between form submissions and simple links when it comes to GET requests.

With plain HTML, only forms can generate POST requests, so filtering on REQUEST_METHOD might be a viable solution. (However, this obviously won't catch GET requests, and AJAX can also generate POST requests, so...)

If you control the form, I'd suggest adding something like

<input type="hidden" name="this_is_a_form" />

to every form. (For bonus points, you can intercept the form HTML and add the above line on the fly.)

Answer 3

I would encourage you to look at how existing frameworks accomplish data validation. I use QCubed, they do exactly what you described (intercepting user input and validating it before processing) very well. Here's the tutorial that describes how their form processing flows: http://examples.qcu.be/assets/_core/php/examples/basic_qform/process_flow.php. Form_Validate is exactly the stage you described.

Side note: it's important to do data validation on the server side for security / data integrity reasons. If you want, you can ADD client-side (javascript) validation on top of that, to improve the user experience. But you HAVE to have the server-side validations, too.

Answer 4

Hi, you can check by:

if(!empty($_POST) && isset($_POST['submit']))

where "submit" is name of your submit button ...