PHP Form

PHP Form Tutorial – Handling Forms in PHP (Complete Guide with Examples)

Welcome to phponline.in – your trusted destination to learn PHP programming from scratch.

In this detailed PHP Forms tutorial, we will cover everything you need to know about working with HTML forms in PHP:

• What are forms in PHP?
• Difference between GET and POST methods
• Handling form data securely
• Input validation and sanitization
• Real-world projects like login forms, registration forms, and contact forms
• Preventing common vulnerabilities like XSS & SQL Injection

By the end of this guide, you will be able to:

• Create secure PHP forms
• Validate and sanitize user input
• Store and process form data
• Build real-world projects like contact forms and login systems

You will Learn

1. Introduction to PHP Forms
2. Why Forms are Important in PHP
3. HTML Form Basics
4. PHP Form Handling Overview
5. GET vs POST Method
6. Superglobals: $_GET and $_POST
7. Working with $_REQUEST and $_SERVER
8. PHP Form Example with GET
9. PHP Form Example with POST
10. Handling Multiple Input Fields
11. Form Handling with Radio Buttons
12. Form Handling with Checkboxes
13. Form Handling with Select Dropdown
14. File Upload Forms in PHP
15. PHP Form Validation Basics
16. Required Fields Validation
17. Email Validation in PHP Forms
18. Number & Phone Validation
19. Password Strength Validation
20. Sanitizing User Input (trim, htmlspecialchars)
21. Preventing Cross-Site Scripting (XSS) in Forms
22. Preventing SQL Injection in Forms
23. PHP Contact Form Example
24. PHP Login Form Example
25. PHP Registration Form Example
26. Form Error Handling and Messages
27. Sticky Forms (Preserving Data After Submit)
28. Multiple Page Form Handling
29. Using PHP Sessions with Forms
30. Using PHP Cookies with Forms
31. File Handling with Forms (Upload & Store)
32. Image Upload with Validation
33. PHP Form and MySQL Database Integration
34. Storing Form Data into MySQL
35. Retrieving and Displaying Data from MySQL
36. Secure Form Handling Practices
37. Regex with Forms (Advanced Validation)
38. PHP Form in Object-Oriented Style
39. PHP Form with AJAX (Basic Example)
40. Common Mistakes in PHP Forms
41. Best Practices for PHP Forms
42. Real-Life Mini Project: Student Registration Form
43. Real-Life Mini Project: Feedback Form with Database
44. Real-Life Mini Project: Subscription Form with Email Confirmation
45. PHP Forms and Security Checklist
46. Advanced Topics: CSRF Protection in PHP Forms
47. PHP Forms vs. Modern Alternatives (Frameworks)
48. Tools to Test PHP Forms Online
49. PHP Form Interview Questions

1. Introduction to PHP Forms

Forms are one of the most important components of web development. They allow users to interact with your website by submitting data such as:

• Usernames and passwords (login forms)
• Contact information (contact forms)
• Search queries (search boxes)
• File uploads (profile pictures, resumes)

In PHP, forms are processed using superglobal variables like $_GET, $_POST, and $_REQUEST.

2. Why Forms are Important in PHP?

Forms are essential because they:

• Collect user data
• Enable user registration & login systems
• Handle e-commerce transactions
• Allow feedback and communication

👉 Related: PHP Global Variables

3. HTML Form Basics

A simple form looks like this:

<form action="welcome.php" method="post">
  Name: <input type="text" name="name">
  <input type="submit">
</form>

Here:

• action → specifies the PHP file that processes the form
• method → defines how data is sent (GET or POST)

4. PHP Form Handling Overview

PHP collects form data using:

• $_GET → retrieves data from forms sent with GET
• $_POST → retrieves data from forms sent with POST

5. GET vs POST Method

6. Superglobals: $_GET and $_POST

echo $_GET['name'];  
echo $_POST['email'];

👉 Related: PHP Superglobals

7. Working with $_REQUEST and $_SERVER

• $_REQUEST → can retrieve both GET and POST data
• $_SERVER → used for form-related info like request method

8. PHP Form Example with GET

<form method="get">
  Name: <input type="text" name="name">
  <input type="submit">
</form>

<?php
if (isset($_GET['name'])) {
    echo "Hello " . htmlspecialchars($_GET['name']);
}
?>

9. PHP Form Example with POST

<form method="post">
  Email: <input type="text" name="email">
  <input type="submit">
</form>

<?php
if (isset($_POST['email'])) {
    echo "Email entered: " . htmlspecialchars($_POST['email']);
}
?>

15. PHP Form Validation Basics

Validation ensures that user input is correct before storing/processing.

Example:

if (empty($_POST['name'])) {
    echo "Name is required";
}

20. Sanitizing User Input

$name = trim($_POST['name']);
$name = htmlspecialchars($name);

23. PHP Contact Form Example

A simple contact form:

<form method="post">
  Name: <input type="text" name="name"><br>
  Email: <input type="text" name="email"><br>
  Message: <textarea name="message"></textarea><br>
  <input type="submit">
</form>

Processing:

if ($_SERVER["REQUEST_METHOD"] == "POST") {
  $name = htmlspecialchars($_POST['name']);
  $email = htmlspecialchars($_POST['email']);
  $message = htmlspecialchars($_POST['message']);
  echo "Thank you, $name. We received your message.";
}

24. PHP Login Form Example

<form method="post">
  Username: <input type="text" name="username"><br>
  Password: <input type="password" name="password"><br>
  <input type="submit" value="Login">
</form>

Processing with validation:

if ($_POST['username'] === "admin" && $_POST['password'] === "1234") {
    echo "Login successful!";
} else {
    echo "Invalid credentials.";
}

👉 Related: PHP Operators

33. PHP Form and MySQL Database Integration

$conn = mysqli_connect("localhost", "root", "", "testdb");
if (!$conn) die("Connection failed");

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $name = mysqli_real_escape_string($conn, $_POST['name']);
    $email = mysqli_real_escape_string($conn, $_POST['email']);
    $sql = "INSERT INTO users (name, email) VALUES ('$name', '$email')";
    mysqli_query($conn, $sql);
}

👉 Related: PHP Arrays

42. Mini Project: Student Registration Form

A full registration form with:

• Name, Email, Phone, Password
• Validation & sanitization
• Storage in MySQL database

45. PHP Forms and Security Checklist

• Always validate & sanitize inputs
• Use prepared statements (PDO/MySQLi)
• Escape special characters with htmlspecialchars()
• Use CSRF tokens for high-security forms

PHP form, PHP form tutorial, PHP form handling, PHP POST form, PHP GET form, PHP form validation, PHP contact form, PHP login form, PHP registration form, PHP secure form

Summary & Conclusion

• PHP forms are the bridge between users and backend processing
• Always choose POST for sensitive data
• Validate & sanitize inputs before saving
• Secure forms using prepared statements, XSS & CSRF prevention

FAQs on PHP Forms

Q1: How to send data from a form to PHP?
A: Use action attribute in <form> and access data using $_GET or $_POST.

Q2: Which method is better – GET or POST?
A: POST is recommended for secure and large data submissions.

Q3: How do I validate form data in PHP?
A: Use isset(), empty(), regex, and filter_var() functions.

Q4: How can I protect my PHP form from SQL Injection?
A: Use prepared statements with PDO or MySQLi.

Q5: How to create a secure PHP contact form?
A: Validate inputs, sanitize data, prevent XSS, and use email validation regex.