The browser client can send information to the web server in two ways.
- The GET Method
- The POST Method
Before the browser sends the information, it uses a method called URL encoding to make sure it is safe. In this scheme, pairs of name/value are joined by equal signs, and pairs of different names/values are separated by ampersands.
The GET Method
The encoded user information that was added to the page request is sent with the GET method. The? character comes between the page and the information that has been encoded.
http://www.test.com/index.html?name1=value1&name2=value2
- The GET method makes a long string that shows up in the Location: box of your server logs.
- With the GET method, you can only send up to 1024 characters.
- If you need to send a password or other sensitive information to the server, you should never use the GET method.
- You can\’t use GET to send the server binary data like images or Word documents.
- Using the QUERY STRING environment variable, you can get to the data sent by the GET method.
- PHP\’s $_GET associative array lets you get to all the information sent with the GET method.
Example
<!DOCTYPE HTML>
<html>
<body><form action=\”result.php\” method=\”get\”>
Name: <input type=\”text\” name=\”name\”><br>
E-mail: <input type=\”text\” name=\”email\”><br>
<input type=\”submit\”>
</form></body>
</html>
and \”result.php\” looks like this:
<html>
<body>Welcome <?php echo $_GET[\”name\”]; ?><br>
Your email address is: <?php echo $_GET[\”email\”]; ?></body>
</html>
Output
Welcome Ram
Your email address is ram@example.com
The POST Method
The HTTP headers are used by the POST method to send information. As described for the GET method, the information is encoded and put into a header called QUERY STRING.
- The POST method doesn\’t limit the size of the data that can be sent.
- With the POST method, you can send both ASCII and binary data.
- Since the POST method sends data through the HTTP header, security depends on the HTTP protocol. You can make sure that your information is safe by using Secure HTTP.
- PHP\’s $_POST associative array lets you get to all the information sent with the POST method.
Example
<!DOCTYPE HTML>
<html>
<body><form action=\”result.php\” method=\”post\”>
Name: <input type=\”text\” name=\”name\”><br>
E-mail: <input type=\”text\” name=\”email\”><br>
<input type=\”submit\”>
</form></body>
</html>
and \”result.php\” looks like this:
<html>
<body>Welcome <?php echo $_POST[\”name\”]; ?><br>
Your email address is: <?php echo $_POST[\”email\”]; ?></body>
</html>
Output
Welcome Ram
Your email address is ram@example.com
When do you use GET?
With the GET method, everyone can see the information sent from a form (all variable names and values are displayed in the URL). There are also limits on how much information can be sent with GET. About 2000 characters is the most that can be used. But since the variables are shown in the URL, it is possible to save the page as a bookmark. This can sometimes be helpful.
GET can be used to send data that is not sensitive.
Note: You should NEVER send passwords or other sensitive information using GET.
When is POST used?
With the POST method, information sent from a form is hidden from others because all names and values are embedded in the body of the HTTP request. There is also no limit to the amount of information that can be sent.
POST also has advanced features, like the ability to accept multi-part binary input when uploading files to a server.
But because the variables are not shown in the URL, the page can\’t be bookmarked.
GET vs. POST
- Both GET and POST make an array, like array(key1 = value1, key2 = value2, key3 = value3, etc.). This array stores pairs of \”key\” and \”value,\” where \”key\” is the name of a form control and \”value\” is the data entered by the user.
- $_GET and $_POST are used for both GET and POST. These are superglobals, which means that you can access them from any function, class, or file without having to do anything special.
- $_GET is a list of variables that the URL parameters send to the current script.
- $_POST is an array of variables that the HTTP POST method sends to the current script.
$_REQUESTÂ variable.
$_GET, $_POST, and $_COOKIE are all parts of the $_REQUEST variable in PHP. When we talk about cookies, which is when we will talk about the $_COOKIE variable.
With PHP, you can use the $_REQUEST variable to get the result from both GET and POST form data.
Example
<!DOCTYPE HTML>
<html>
<body><form action=\”result.php\” method=\”post\”>
Name: <input type=\”text\” name=\”name\”><br>
E-mail: <input type=\”text\” name=\”email\”><br>
<input type=\”submit\”>
</form></body>
</html>
and \”result.php\” looks like this:
<html>
<body>Welcome <?php echo $_REQUEST[\”name\”]; ?><br>
Your email address is: <?php echo $_REQUEST[\”email\”]; ?></body>
</html>
Output
Welcome Ram
Your email address is ram@example.com