What is the difference between GET/POST?

theprocessor

I am a beginner at php, and i came to find it quite fun and challenging. I made this thread because i was trying to create a form and i found out that i could put method="post" or even "get"... I just would like to know what is the difference when i get the same results.

thorpe

Nothing to do with php really, more to do with http. Get will pass the values along the url and has a few more size limitations. While post will transfer the data in the background.

If you want a more technical explination take a look at the protocol in question here.

hellboi64

say you have this form on your page:

<form action="your_page.php" method="GET">
<input type="text" name="item" value="value">
</form>

When it is submitted, the browser will navigate to your_page.php?item=value and the data will be available in the $_GET variable.

say you have this form on your page:

<form action="your_page.php" method="POST">
<input type="text" name="item" value="value">
</form>

NOTICE THE VALUE CHANGE FOR METHOD IN THE <FORM> TAG

When it is submitted, the browser will navigate to your_page.php and the data will be available in the $_POST variable.

thorpe

the data will be available in the $REQUEST variable

The $REQUEST array is a catch all and should really be avoided in my opinion.

bradgrafelman

Indeed. Ironically, the superglobals are named $GET and $POST depending on what flavour of transfer you use.

hellboi64

thorpe wrote:
The $_REQUEST array is a catch all and should really be avoided in my opinion.

What makes you say that? I cannot find on the php.net website where it says it is a catch all variable...

bradgrafelman

[man]variables.predefined[/man]

$_REQUEST
Variables provided to the script via the GET, POST, and COOKIE input mechanisms, and which therefore cannot be trusted

Even PHP.net says the same thing, hence the last 3 words :p

hellboi64

aawww....right....however I don't think that it means you cannot trust the $_REQUEST variable...but rather that is makes it easier for someone to hack because it gets its variables from all 3 methods. I would take it to mean the use input is dangerous. Making the use of this variable just as dangerous as any other method if the proper precautions are not taken.

Although...i will probably stop using $REQUEST in my scripts...I always thought that was the way to get querystring variables, but $GET does that.

Thanx bradgrafelman 😃