Diese Seite bei php.net
The PHP manual text and comments are covered by the Creative Commons Attribution 3.0 License © the PHP Documentation Group - Impressum - mail("TO:Reinhard Neidl",...)
$_POST -- $HTTP_POST_VARS [veraltet, nicht empfohlen] — HTTP POST-Variablen
Ein assoziatives Array von Variablen, die dem aktuellen Skript mittels der HTTP POST-Methode übergeben werden.
$HTTP_POST_VARS enthält anfangs die selben Informationen, ist aber kein Superglobal. (Beachten Sie, dass $HTTP_POST_VARS und $_POST unterschiedliche Variablen sind und von PHP daher entsprechend behandelt werden.)
| Version | Beschreibung |
|---|---|
| 4.1.0 | Einführung von $_POST als Ablösung des bis dahin existierenden $HTTP_POST_VARS. |
Beispiel #1 $_POST-Beispiel
<?php
echo 'Hello ' . htmlspecialchars($_POST["name"]) . '!';
?>
Angenommen, der User POSTete name=Hannes
Das oben gezeigte Beispiel erzeugt eine ähnliche Ausgabe wie:
Hello Hannes!
Hinweis:
Dies ist eine 'Superglobale' oder automatisch globale Variable. Dies bedeutet, dass sie innerhalb des Skripts in jedem Geltungsbereich sichtbar ist. Es ist nicht nötig, sie mit global $variable bekannt zu machen, um aus Funktionen oder Methoden darauf zuzugreifen.
In response to "php dot net at bigbadaboom dot net", adding the value attr to the image submit button may not work in older browser (Opera 9.x for example).
A better solution would be to add a hidden input (<input name="hidden" .... /> in the form to handle both cases: when we have a submit button or an image button for submitting
you may have multidimensional array in form inputs
HTML Example:
<input name="data[User][firstname]" type="text" />
<input name="data[User][lastname]" type="text" />
...
Inside php script
after submit you can access the individual element like so:
$firstname = $_POST['data']['User']['firstname'];
...
When you have a form with some radio:
<?php
<form method='post'>
<input type='radio' name='55' value='1' >
<input type='radio' name='55' value='2' >
<input type='radio' name='55' value='3' >
<input type='radio' name='55' value='4' >
<input type='submit' value='ok' >
</form>
?>
if the name of the radio is a number will be returned by $_POST as INT!!!! not string as the manual says
if the name of the radio is 'test' will be of course returned ad string.
So your post array will look like this:
<?php
array
167302 => string '167308' (length=6)
167314 => string '167344' (length=6)
167347 => string '5867521' (length=7)
'3754952706' => string '3754952706' (length=10)
'3744466946' => string '3744466946' (length=10)
'3740271617' => string '3740271617' (length=10)
'3749709826' => string '3749709826' (length=10)
'3749708801' => string '1' (length=1)
'meta' =>
array
'hasJavascript' => string '0' (length=1)
'timeToComplete' => string '1264769572.6144' (length=15)
'Submit' => string 'Next' (length=4)
?>
Note the first 3 keys are int not string
This could affect you if you do some operations for example if you do an array_merge with your post values:
<?php
$arr1 = array(
167302 => '167308',
167314 => '167344',
167347 => '5867521',
'3754952706' => '3754952706',
'3744466946' => '3744466946',
'3740271617' => '3740271617',
'3749709826' => '3749709826',
'3749708801' => '1'
);
$arr2 = array(
'meta' =>
array (
'hasJavascript' => '0',
'timeToComplete' => '1264769572.6144'
)
);
?>
if you do :
<?php
$values = array_merge($arr1, $arr2);//this is done by zend in $form->getValues()
?>
guess what will be the result? your numeric keys will be reindexed starting from 0.
and your post values will look like this:
<?php
0 => string '167308' (length=6)
1 => string '167344' (length=6)
2 => string '5867521' (length=7)
'3754952706' => string '3754952706' (length=10)
'3744466946' => string '3744466946' (length=10)
'3740271617' => string '3740271617' (length=10)
'3749709826' => string '3749709826' (length=10)
'3749708801' => string '1' (length=1)
'meta' =>
array
'hasJavascript' => string '0' (length=1)
'timeToComplete' => string '1264769572.6144' (length=15)
?>
Take note that all $_POST values are (string).
If your form field should accept both numeric and alphabets but exclude a value of 0, you will have a problem.
<?php
## Using Equal operator
if($_POST['myfield'] == 0){
echo 'You cannot set it to 0';
} else {
echo 'Correct';
}
# You will get the following results
// $_POST['myfield'] = 0;
// Output: You cannot set it to 0;
// $_POST['myfield'] = 1;
// Output: Correct;
// $_POST['myfield'] = 'test';
// Output: You cannot set it to 0;
## Using Identical operator
if($_POST['myfield'] === 0){
echo 'You cannot set it to 0';
} else {
echo 'Correct';
}
# You will get the following results
// $_POST['myfield'] = 0;
// Output: Correct;
// $_POST['myfield'] = 1;
// Output: Correct;
// $_POST['myfield'] = 'test';
// Output: Correct;
// You need to convert numeric values to integer and use identical operator
$_POST['myfield'] = is_numeric($_POST['myfield']) ? (int)$_POST['myfield'] : $_POST['alias'];
if($_POST['myfield'] === 0){
echo 'You cannot set it to 0';
} else {
echo 'Correct';
}
# Now you will get the following results
// $_POST['myfield'] = 0;
// Output: You cannot set it to 0;
// $_POST['myfield'] = 1;
// Output: Correct;
// $_POST['myfield'] = 'test';
// Output: Correct;
?>
# This will convert $_POST into a query string
<?php
$query_string = "";
if ($_POST) {
$kv = array();
foreach ($_POST as $key => $value) {
$kv[] = "$key=$value";
}
$query_string = join("&", $kv);
}
else {
$query_string = $_SERVER['QUERY_STRING'];
}
echo $query_string;
?>
One feature of PHP's processing of POST and GET variables is that it automatically decodes indexed form variable names.
I've seem innumerable projects that jump through extra & un-needed processing hoops to decode variables when PHP does it all for you:
Example pseudo code:
Many web sites do this:
<form ....>
<input name="person_0_first_name" value="john" />
<input name="person_0_last_name" value="smith" />
...
<input name="person_1_first_name" value="jane" />
<input name="person_1_last_name" value="jones" />
</form>
When they could do this:
<form ....>
<input name="person[0][first_name]" value="john" />
<input name="person[0][last_name]" value="smith" />
...
<input name="person[1][first_name]" value="jane" />
<input name="person[1][last_name]" value="jones" />
</form>
With the first example you'd have to do string parsing / regexes to get the correct values out so they can be married with other data in your app... whereas with the second example.. you will end up with something like:
<?php
var_dump($_POST['person']);
//will get you something like:
array (
0 => array('first_name'=>'john','last_name'=>'smith'),
1 => array('first_name'=>'jane','last_name'=>'jones'),
)
?>
This is invaluable when you want to link various posted form data to other hashes on the server side, when you need to store posted data in separate "compartment" arrays or when you want to link your POSTed data into different record handlers in various Frameworks.
Remember also that using [] as in index will cause a sequential numeric array to be created once the data is posted, so sometimes it's better to define your indexes explicitly.
For a page with multiple forms here is one way of processing the different POST values that you may receive. This code is good for when you have distinct forms on a page. Adding another form only requires an extra entry in the array and switch statements.
<?php
if (!empty($_POST))
{
// Array of post values for each different form on your page.
$postNameArr = array('F1_Submit', 'F2_Submit', 'F3_Submit');
// Find all of the post identifiers within $_POST
$postIdentifierArr = array();
foreach ($postNameArr as $postName)
{
if (array_key_exists($postName, $_POST))
{
$postIdentifierArr[] = $postName;
}
}
// Only one form should be submitted at a time so we should have one
// post identifier. The die statements here are pretty harsh you may consider
// a warning rather than this.
if (count($postIdentifierArr) != 1)
{
count($postIdentifierArr) < 1 or
die("\$_POST contained more than one post identifier: " .
implode(" ", $postIdentifierArr));
// We have not died yet so we must have less than one.
die("\$_POST did not contain a known post identifier.");
}
switch ($postIdentifierArr[0])
{
case 'F1_Submit':
echo "Perform actual code for F1_Submit.";
break;
case 'Modify':
echo "Perform actual code for F2_Submit.";
break;
case 'Delete':
echo "Perform actual code for F3_Submit.";
break;
}
}
else // $_POST is empty.
{
echo "Perform code for page without POST data. ";
}
?>
<?php
foreach($_POST as $k=>$v) $$k=$v;
//to use $_POST["example"] as $example
foreach($_GET as $k=>$v) $$k=$v;
//to use $_GET["example"] as $example
//or better:
foreach(${"_" . $_SERVER["REQUEST_METHOD"]} as $k=>$v) $$k=$v;
//to use $_GET["example"] or $_POST["example"] as $example
?>
Make sure your submit buttons (ie. <input type="submit"> etc) have a 'value' attribute. If they don't, the value won't appear in $_POST and so isset($_POST["submit"]) won't work either.
Example:
<input type="submit" name="submit">
isset($_POST["submit"]) returns false
<input type="submit" name="submit" value="Next">
isset($_POST["submit"]) returns true.
This might seem obvious for text buttons since they need a label anyway. However, if you are using image buttons, it might not occur to you that you need to set a value attribute as well. For example, the value attribute is required in the following element if you want to be able to detect it in your script.
<input type="image" name="submit" src="next.gif" value="Next">
Nasty bug in IE6, Apache2 and mod_auth_sspi. Essentially if the user presses the submit button too quickly, $_POST (and the equivalents) comes back empty. The workaround is to set Apache's KeepAliveTimeout to 1. This would mean that the user would need to push submit within a second to trigger the issue.
<?
//If we submitted the form
if(isset($_POST['submitMe']))
{
echo("Hello, " . $_POST['name'] . ", we submitted your form!");
}
//If we haven't submitted the form
else
{
?>
<form action="<?=$_SERVER['PHP_SELF']?>" method="POST">
<input type="text" name="name"><br>
<input type="submit" value="submit" name="submitMe">
</form>
<?
}
?>
Diese Seite bei php.net