Developer Support »

Pre-populate the form

Applies to the Pro version only

A problem can occur whereby the visitor hits "back" to return to your form page after getting an error and the data they submitted on the form is wiped out. They get a blank form. This is caused by the visitor's browser refreshing the form page, it's got nothing to do with the script! Some browsers will refresh the page, some won't, it's down to the browser settings. To be certain that your vistor does not get returned to a form where their entered data is wiped out, you can pre-populate the form with their submitted data.

To do so, you need to add some PHP code to your form page (the script can't do that for you) and enable the "$pre_populate_form" option in the script. If enabled, a session will be created and the submitted values from the form will be stored in the session. This means the values will be available to your form page should your visitor go back to your form after getting an error. You can then display the submitted values on the form (pre-populate it). This prevents the visitor getting a blank form when they return to the form to correct any errors.

To pre-populate the form, your form page needs to be a PHP page, with a .php extension, like contact.php for example. If it's an HTML page, just save it with a .php extension.

(If you are new to editing PHP code, have a look at the "Editing PHP code" page in the support section.)

Add this code to your form page:

Start a session

Put this at the top:

<?php

session_start();

if(isset($_SESSION['submitted_form_values'])){extract($_SESSION['submitted_form_values']);}

?>

To pre-populate the form (instead of presenting a blank form) you need to put some PHP code into your HTML form code. For each form input on your form (where you expect a visitor to enter data, not a hidden field for example) you need to have a piece of code like this:

<?php if(isset($form_field_name)){print stripslashes($form_field_name);}else{print "";} ?>

It is used to print a value in the form field. $form_field_name is replaced with a variable that is EXACTLY the same name as the form field.

Text inputs

Here's an example. Suppose you have an input on your form, like this:

<input type="text" name="Street_Address">

To show the visitor's entered value, put the above PHP code into a value for the field, like so:

<input type="text" name="Street_Address" value="<?php if(isset($Street_Address)){print stripslashes($Street_Address);}else{print "";} ?>">

Note that "$Street_Address" is used (two instances) in place of the generic "$form_field_name". Do the same for all text inputs, replacing $form_field_name with the exact (case sensitive) variable name of the form field (the preceding dollar sign makes it a variable).

If you have default text that appears in a text input, include it in the code, like so:

<input type="text" name="Street_Address" value="<?php if(isset($Street_Address)){print stripslashes($Street_Address);}else{print "Please enter your street address";} ?>">

"Please enter your street address" is the default text and is entered between the quotes.

Select inputs (drop-down lists)

For <select> inputs (drop-down lists) on your form, the coding is like this:

Change this:

<select name="fruit">
<option>Banana</option>
<option>Apple</option>
<option>Orange</option>
</select>

...to this:

<select name="fruit">
<option <?php if(isset($fruit) && $fruit == "Banana"){print "selected=\"selected\"";} ?>>Banana</option>
<option <?php if(isset($fruit) && $fruit == "Apple"){print "selected=\"selected\"";} ?>>Apple</option>
<option <?php if(isset($fruit) && $fruit == "Orange"){print "selected=\"selected\"";} ?>>Orange</option>
</select>

If you have a very long list of options, this cheat might work for you:

<select name="fruit">
<option><?php if(isset($fruit)){print stripslashes($fruit);}else{print "";} ?></option>
<option>Banana</option>
<option>Apple</option>
<option>Orange</option>
</select>

To show a default selected option, use this additional piece of code:

if(!isset($fruit)){print "selected=\"selected\"";}

Using the above code, if you want "Orange" to be the default selected option, use this code:

<select name="fruit">
<option <?php if(isset($fruit) && $fruit == "Banana"){print "selected=\"selected\"";} ?>>Banana</option>
<option <?php if(isset($fruit) && $fruit == "Apple"){print "selected=\"selected\"";} ?>>Apple</option>
<option <?php if(!isset($fruit)){print "selected=\"selected\"";} if(isset($fruit) && $fruit == "Orange"){print "selected=\"selected\"";} ?>>Orange</option>
</select>

Textareas

For textareas, the coding is like this:

Change this:

<textarea name="comments" rows="6" cols="30"></textarea>

...to this:

<textarea name="comments" rows="6" cols="30"><?php if(isset($comments)){print stripslashes($comments);} ?></textarea>

To show default text in a textarea, which is shown when the form is first displayed then overwritten by any user input, use this code:

<textarea name="comments" rows="6" cols="30"><?php if(isset($comments)){print stripslashes($comments);}else{print "some default text";} ?></textarea>

Radio buttons

For radio buttons, the coding is slightly different, like this:

Change this:

<input type="radio" name="veg" value="cabbage"> cabbage
<input type="radio" name="veg" value="onion"> onion

...to this:

<input type="radio" name="veg" value="cabbage" <?php if(isset($veg) && $veg == "cabbage"){print " checked=\"checked\"";} ?>> cabbage
<input type="radio" name="veg" value="onion" <?php if(isset($veg) && $veg == "onion"){print " checked=\"checked\"";} ?>> onion

If you have set a default radio button with checked="checked" you need to add additional PHP code to that input. This means when the visitor first visits your form, they will get the default radio button checked. If they then select a different option and are returned to the form after an error, the new selected option will be shown as checked.

This is the additional piece of code:

if(!isset($veg)){print " checked=\"checked\"";}

Using the above code example, if you want the "cabbage" option to be shown checked by default, the code would look like this:

<input type="radio" name="veg" value="cabbage" <?php if(!isset($veg)){print " checked=\"checked\"";} if(isset($veg) && $veg == "cabbage"){print " checked=\"checked\"";} ?>> cabbage
<input type="radio" name="veg" value="onion" <?php if(isset($veg) && $veg == "onion"){print " checked=\"checked\"";} ?>> onion

Checkboxes

For checkboxes, again the coding is slightly different, like this:

Change this:

<input type="checkbox" name="fruit[]" value="apple">Apple
<input type="checkbox" name="fruit[]" value="orange">Orange
<input type="checkbox" name="fruit[]" value="banana">Banana

...to this:

<input type="checkbox" name="fruit[]" value="apple" <?php if(isset($fruit) && in_array("apple",$fruit)){print " checked=\"checked\"";} ?>>Apple
<input type="checkbox" name="fruit[]" value="orange" <?php if(isset($fruit) && in_array("orange",$fruit)){print " checked=\"checked\"";} ?>>Orange
<input type="checkbox" name="fruit[]" value="banana" <?php if(isset($fruit) && in_array("banana",$fruit)){print " checked=\"checked\"";} ?>>Banana

If you have set default checkboxes with checked="checked" you need to add additional PHP code to those checkboxes. This means when the visitor first visits your form, they will get the default checkboxes checked. If they then select different checkboxes or deselect a default checkbox and are returned to the form after an error, the new selections will be shown as checked.

This is the additional piece of code (same as for radio buttons):

if(!isset($fruit)){print " checked=\"checked\"";}

Using the above code example, if you want the "apple" checkbox to be shown checked by default, the code would look like this:

<input type="checkbox" name="fruit[]" value="apple" <?php if(!isset($fruit)){print " checked=\"checked\"";} if(isset($fruit) && in_array("apple",$fruit)){print " checked=\"checked\"";} ?>>Apple
<input type="checkbox" name="fruit[]" value="orange" <?php if(isset($fruit) && in_array("orange",$fruit)){print " checked=\"checked\"";} ?>>Orange
<input type="checkbox" name="fruit[]" value="banana" <?php if(isset($fruit) && in_array("banana",$fruit)){print " checked=\"checked\"";} ?>>Banana

File inputs

You cannot show file names by using a value in a file input field. In other words, you can't pre-populate a file input field. For security reasons, browsers do not display such values. Unless the visitor's browser does not refesh the form when it returns to it, any file input fields will be blank, and the user will have to select a file to upload once again.

Clear session values

Put this code on your form page after the code above. It removes the submitted form values from the session. This is not imperative but it's generally considered "good housekeeping" to clear session values when you have finished with them (doing so, means the form will be cleared if the visitor refreshes the page, which might be desirable):

<?php

if(isset($_SESSION['submitted_form_values'])){unset($_SESSION['submitted_form_values']);}

?>

Preventing malicious script code being run

A malicious visitor might try to run script code on your form by entering the code in a form field, then getting returned to your pre-populated form where the script code then pre-populates a field on your form and gets actioned. This is regarded as a security risk but in fact is not, as any such code will only be actioned on the visitor's PC. If this is an issue for you, you can use the htmlspecialchars() PHP function to prevent any such code getting actioned.

Instead of using this to print the field values:

<?php if(isset($form_field_name)){print stripslashes($form_field_name);}else{print "";} ?>

...use this:

<?php if(isset($form_field_name)){print stripslashes(htmlspecialchars($form_field_name));}else{print "";} ?>

Sample form code

Below is code for a basic contact form with name, email and comments fields. It is already coded to display the submitted form values if a user has to return to it. You can use the code exactly as it is, all you need to do is enable the $pre_populate_form option in the script. Equally, you can look at the sample code to give you an idea of how you should code your own form (the lines in the code will probably display wrapped in your browser, you can view the code here in a text file).

<?php

session_start();

if(isset($_SESSION['submitted_form_values'])){extract($_SESSION['submitted_form_values']);}

?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Contact Form</title>
</head>

<body>

<form action="formtoemailpro.php" method="post">
<table border="0" style="background:#ececec" cellspacing="5">
<tr><td>Name</td><td><input type="text" size="30" name="name" value="<?php
if(isset($name)){print stripslashes($name);}else{print "";} ?>"></td></tr>
<tr><td>Email</td><td><input type="text" size="30" name="email" value="<?php
if(isset($email)){print stripslashes($email);}else{print "";} ?>"></td></tr>
<tr><td valign="top">Comments</td><td><textarea name="comments" rows="6" cols="30"><?php
if(isset($comments)){print stripslashes($comments);} ?></textarea></td></tr>
<tr><td> </td><td><input type="submit" value="Send"></td></tr>
</table>
</form>

</body>
</html>

<?php

if(isset($_SESSION['submitted_form_values'])){unset($_SESSION['submitted_form_values']);}

?>

Extracting values from the session

This piece of code (from the code above) extracts the form values from the $_SESSION array:

extract($_SESSION['submitted_form_values'])

It will overwrite any variables of the same name that already exist on the page. If this is a problem for you, see the PHP manual for more information.