How to create a PHP form that submit to self ?

Forms can be submitted to the web page itself using PHP. The main purpose of submitting forms to self is for data validation. Data validation means checking for the required data to be entered in the form fields.

PHP_SELF is a variable that returns the current script being executed. You can use this variable in the action field of the form. The action field of the form instructs where to submit the form data when the user presses the submit button. Most PHP pages maintain data validation on the same page as the form itself.
An advantage of doing this is in case of a change in the website structure, the data validation code for the form, and the form remain together.

Code Snippet:

<form name=”form1″ method=”post” action=”<?php echo htmlspecialchars($_SERVER[‘PHP_SELF’]); ?>” >

Explanation:



  • $_SERVER[‘PHP_SELF’]: The $_SERVER[“PHP_SELF”] is a super global variable that returns the filename of the currently executing script. It sends the submitted form data to the same page, instead of jumping on a diffirent page.
  • htmlspecialcharacters(): The htmlspecialchars() function converts special characters to HTML entities. It will replace HTML characters like with < and >. This prevents scripting attacks by attackers who exploit the code by inserting HTML or Javascript code in the form fields.

Note: The $_SERVER[‘PHP_SELF’] can be easily exploited by hackers using cross-site scripting by inserting a ‘/’ in the URL and then a vulnerable script, but htmlspecialcharacters() is the solution, it converts the HTML characters from the site into harmless redundant code.

Below example illustrate the above approach:

Example:

filter_none

edit
close

play_arrow

link
brightness_4
code

<!DOCTYPE html>
<html>
  
<head>
</head>
  
<body>
    <?php
        // Defining variables
        $name = $email = $level = $review = "";
  
        // Checking for a POST request
        if ($_SERVER["REQUEST_METHOD"] == "POST") {
          $name = test_input($_POST["name"]);
          $email = test_input($_POST["email"]);
          $review = test_input($_POST["review"]);
          $level = test_input($_POST["level"]);
        }
  
        // Removing the redundant HTML characters if any exist.
        function test_input($data) {
          $data = trim($data);
          $data = stripslashes($data);
          $data = htmlspecialchars($data);
          return $data;
        }
        ?>
  
        <h2>PHP Form Example: GFG Review</h2>
        <form method="post" action=
            "<?php echo htmlspecialchars($_SERVER[" PHP_SELF "]);?>">
            Name:
            <input type="text" name="name">
            <br>
            <br> 
            E-mail:
            <input type="text" name="email">
            <br>
            <br>
            Review For GFG:
            <textarea name="review" 
                      rows="5" cols="40">
            </textarea>
            <br>
            <br> 
            Satisfaction Level:
            <input type="radio" name="level" 
                   value="Bad">Bad
            <input type="radio" name="level"
                   value="Average">Average
            <input type="radio" name="level"
                   value="Good">Good
            <br>
            <br>
            <input type="submit" name="submit"
                   value="Submit">
        </form>
  
        <?php
            echo "<h2>Your Input:</h2>";
            echo $name;
            echo "<br>";
            echo $email;
            echo "<br>";
            echo $review;
            echo "<br>";
            echo $level;
        ?>
</body>
  
</html>

chevron_right


Output:

  • Before submitting:
  • After submitting:

You can also insert functions to check the values entered as per the requirements and display validation accordingly. PHP forms submitting to self find a lot of application in data validation and database input formating.

full-stack-img




My Personal Notes arrow_drop_up

Check out this Author's contributed articles.

If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to contribute@geeksforgeeks.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.

Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.