PHP "Form" best practice?

Sheldon Livingston
Sheldon Livingston used Ask the Experts™
Using PHP I will have a form with about 50 fields on it.

One way to get to the page/form is to search by item ID.  If found the page will come up and the form will fill with existing data.

I would like to utilize the same page/form to "create" items.

What would be a good way to do this?

One way is to set each DB field to a variable and then populate the form using the variables.  For "new" items I would simply set the variables to defaults (usually blank or empty).

Is this about the only way?
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Scott FellDeveloper & EE Moderator
Fellow 2018
Most Valuable Expert 2013

I would do it like this

<!DOCTYPE html>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width">
 <div id="editItem">
     <!-- edit form code here -->  
  <button id="new">New</button>
<div id="modal">
  <!-- new form here -->  

Open in new window

The edit form is created dynamically and populated by your database.  The new form is hidden in a modal. When you click the New button, the modal appears and you can create your new item.
Analyst Developer
Distinguished Expert 2018
IMO it will be better to use the Object Oriented Programming in this case.

By creating a class for your table you don't have to create all those variables you will get one object contains all the table attributes.

Example : let say you've an object Student for your tables students in the database it will be easy for you to attach them attributes to the form field whe you get your object from the DB like :

<input name="first_name" value="<?php echo $student->first_name; ?>">
<input name="last_name" value="<?php echo $student->last_name; ?>">

Open in new window

For the new form, the call of attributes will remain the same (so form body will be the same for the "new/edit" actions) but the object will be just instanciated with empty values (you've to set this in you constructor) :

$student = new Student();

Open in new window

I will recommend to you the use of a PHP framework if you can, that will make your life easier. else you need to follow some tutorials in PHP OOP connecting with DB tables, If you choose this approach let me know to provide some links for you.
Sheldon LivingstonConsultant


Thank you guys... I'll be looking at OOP.  Zakaria... can you provide some links please?
Most Valuable Expert 2017
Distinguished Expert 2018

There are other options

If you want to go the render route then typically you set up helper functions to render out fields. For example

$form->addInput('name', $data);

Open in new window

This would then do something like
function addInput($name, $data=[])
   $value = isset($data[$name]) ? $data[$name] : ''
   echo <<< INPUT
    <input type="text" name="data[{$name}]" value="{$value}">

Open in new window

Before calling this you would
With the above you can pass anything you like to the field generator. If you are editing a record pass in the data value - the generator add it to the rendered field. If you are adding a new record then pass an empty array - the generator will handle this for you.

You can add as many field generators as you need and expand the options to handle things like required / disabled etc.

Another thing to take note of with the above with is the name of the field. Note how we are using array notation for the variables.

This is useful in processing the form data when it comes in. You need to do one call
$data = isset($_POST['data']) ? $_POST['data'] : false;
$errors = validateData($data));
if (empty($errors)){
   // form is good
else {
  // set errors and render form for re-submission

Open in new window

This allows you to keep database data separate from meta data you might want to submit with the form.

Personally I find the gymnastics required for manipulating form rendering on the server with all the combinations of new / edit / valid / not valid overly complex. I much prefer to render the form out as a vanilla form and then in the client make an API call to fetch the data (using AJAX) which is then injected into the form.

The big advantage with doing it this way is that the form gets rendered once by a single function - the logic around errors , validation, populating, emptying saving etc are all handled in the client with AJAX calls to an API to validate / save / retrieve data.

By using intelligent naming conventions you can write very generic code that will do all the operations with surprisingly few lines of code. It also means that your API functions are dead simple as they don't have to deal with the API.
Zakaria AcharkiAnalyst Developer
Distinguished Expert 2018

You're welcome @Sheldon

Take a look at this answer it has a simple example using the PDO to connect your DB with OOP (How to use PDO connection with OOP) you will find a link at the end of the post for further information.

You may found this series of videos about OOP Crud using PDO helpful.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial