HTML Forms Explained

    Atul Kabra3 min readUpdated

    An HTML form is how a web page collects information from a user — a login screen, a search box, a contact form, a checkout page. You wrap input fields inside a <form> element, the user fills them in, and the browser packages the data and sends it to a server for processing. Forms are the bridge between a visitor and your application.

    The anatomy of a form

    A form is built from a <form> container and one or more form controls (inputs, text areas, buttons):

    <!-- action: where the data is sent. method: how it is sent. -->
    <form action="/contact" method="post">
      <!-- A label tied to its input by matching for/id improves accessibility -->
      <label for="name">Your name</label>
      <input type="text" id="name" name="name" required />
    
      <label for="email">Email address</label>
      <input type="email" id="email" name="email" required />
    
      <label for="message">Message</label>
      <textarea id="message" name="message" rows="4"></textarea>
    
      <button type="submit">Send</button>
    </form>
    

    Two attributes on <form> control submission:

    • action is the URL the data is sent to.
    • method is how it's sent — usually get (data appended to the URL, good for searches) or post (data in the request body, used for anything that changes data or carries sensitive content).

    The name attribute on each input is essential — it becomes the key the server reads. Without it, the field's value is never sent.

    Input types do real work

    The type attribute is more than a label. It changes the on-screen keyboard on phones, adds built-in checks, and improves accessibility:

    <input type="email" name="email" />        <!-- Checks for an @ pattern -->
    <input type="number" name="age" min="1" />  <!-- Numeric keypad on mobile -->
    <input type="date" name="dob" />            <!-- Native date picker -->
    <input type="password" name="pwd" />        <!-- Hides characters -->
    <input type="tel" name="phone" />           <!-- Phone keypad on mobile -->
    

    Want to learn this properly?

    Join the waitlist for our courses — beginner-friendly, project-first classes in Jalgaon.

    Browse courses

    Labels and accessibility

    Every input should have a <label>. Linking a label to an input (for matching id) means clicking the label focuses the field, and screen readers announce it correctly. Never rely on placeholder text alone as a label — placeholders disappear when the user starts typing.

    Built-in validation

    The browser can check input before the form is even sent, using attributes — no JavaScript required:

    <!-- required: cannot be empty.
         minlength: minimum characters.
         pattern: must match a regular expression. -->
    <input
      type="text"
      name="username"
      required
      minlength="3"
      pattern="[a-zA-Z0-9]+"
      title="Letters and numbers only"
    />
    

    This is client-side validation — fast, friendly feedback for the user. But it is only a convenience: a user can bypass it. You must always validate again on the server, because that is the only place you control. Server-side validation in a language like PHP is something we cover in our PHP course.

    Common mistakes

    • Forgetting the name attribute. Without it, the field's value is never submitted, no matter how the user fills it in.
    • Skipping labels or faking them with placeholders. This breaks screen readers and frustrates users who clear the field.
    • Trusting client-side validation alone. Validation in the browser is for user experience; security and data integrity require server-side validation too.
    • Using get for sensitive data. With get, values appear in the URL and browser history. Use post for passwords and personal data.
    • Putting buttons outside the <form>. A submit button must be inside the form (or associated with it) to trigger submission.

    FAQ

    What is the difference between GET and POST? GET sends data in the URL and is best for fetching or searching. POST sends data in the request body and is used when the action changes something or carries sensitive information.

    Can a form work without JavaScript? Yes. Basic forms submit and validate using only HTML. JavaScript adds richer, instant feedback, but the form still functions without it.

    Keep learning

    Want to build for the web? Explore our courses in Jalgaon.

    Want to learn this properly?

    Join the waitlist for our courses — beginner-friendly, project-first classes in Jalgaon.

    Browse courses
    Atul Kabra

    Founder, Infoplanet

    Atul Kabra founded Infoplanet in 2001 and has spent over two decades teaching programming — C, C++, Java, databases and more — to students across Maharashtra.

    Related guides