What are some best practices for handling form data in a single PHP file?

When handling form data in a single PHP file, it is important to properly sanitize and validate the input to prevent security vulnerabilities such as SQL injection or cross-site scripting attacks. Additionally, organizing the code to separate the form processing logic from the HTML presentation can improve readability and maintainability.

&lt;?php
// Check if form is submitted
if ($_SERVER[&quot;REQUEST_METHOD&quot;] == &quot;POST&quot;) {
    // Sanitize and validate form data
    $name = htmlspecialchars($_POST[&quot;name&quot;]);
    $email = filter_var($_POST[&quot;email&quot;], FILTER_VALIDATE_EMAIL);
    
    // Process the form data
    // Insert data into database, send email, etc.
    
    // Redirect after processing to prevent form resubmission
    header(&quot;Location: success.php&quot;);
    exit();
}
?&gt;

&lt;!DOCTYPE html&gt;
&lt;html&gt;
&lt;head&gt;
    &lt;title&gt;Form Example&lt;/title&gt;
&lt;/head&gt;
&lt;body&gt;
    &lt;form method=&quot;post&quot; action=&quot;&lt;?php echo $_SERVER[&#039;PHP_SELF&#039;]; ?&gt;&quot;&gt;
        &lt;label for=&quot;name&quot;&gt;Name:&lt;/label&gt;
        &lt;input type=&quot;text&quot; id=&quot;name&quot; name=&quot;name&quot; required&gt;
        
        &lt;label for=&quot;email&quot;&gt;Email:&lt;/label&gt;
        &lt;input type=&quot;email&quot; id=&quot;email&quot; name=&quot;email&quot; required&gt;
        
        &lt;button type=&quot;submit&quot;&gt;Submit&lt;/button&gt;
    &lt;/form&gt;
&lt;/body&gt;
&lt;/html&gt;

Keywords

$_POST $_GET $_REQUEST htmlspecialchars validation

What are some best practices for handling form data in a single PHP file?

Keywords

Related Questions