Page 1 of 1

$_POST vs $_GET

Posted: Mon Dec 15, 2003 1:45 pm
by Draco_03
i always used $_POST
i never used get i don t know why i should, and what advantage are they (since it s less secure)

But as everything in php it must be there for a reason...( i'd like to think :P )

so give me your feedback

cheers

Posted: Mon Dec 15, 2003 2:01 pm
by delorian
For smaller things, like e.g. topic number or actual application mode it's quite easy and efficient to use GET. It's simpler to create link than hidden form field with some data that is POST'ed on_submit() :D. I think POST should be used only for large amounts of data like posts, articles, personal questionnaires, and some other things that user shouldn't see or shouldn't be cached in the browser history.

Posted: Mon Dec 15, 2003 2:03 pm
by Draco_03
Mhh i see...

one thing though when u said get is more "efficient"
do you mean easyer to type OR faster to process ?

Re: $_POST vs $_GET

Posted: Mon Dec 15, 2003 2:12 pm
by Brian
Since GET request query strings are incorporated directly into URLs, you should use the GET method whenever you want the user to be able to bookmark a page. For example, if you have made a search engine and you want your users to be able to bookmark results pages for quick access, you should use the GET method in your form and your search engine.

Posted: Mon Dec 15, 2003 2:17 pm
by delorian
Draco_03 wrote:do you mean easyer to type OR faster to process ?
Easier to type :D But I think (of course I can be wrong :P) it's also faster to process. The php doesn't have to read the POST data from the stdin, so one read process less, but it is only one process.

Posted: Mon Dec 15, 2003 2:40 pm
by m3mn0n
I generally assess the security risk at hand, then make a choice between POST and GET. I also take into consideration if I would like to display the information within the URL even if no security risk is present.

If it's a search engine...GET (?q=term)
If it's a login form...POST
If it's a template system..GET (?page=home)
If it's a email form...POST
etc, etc, etc.

Posted: Mon Dec 15, 2003 2:45 pm
by Draco_03
Ah :)

Well now i get it.. thx all..
8)

Posted: Mon Dec 15, 2003 4:53 pm
by Weirdan
2Draco_03
http://www.w3.org/Protocols/rfc2616/rfc2616.txt
In particular, the convention has been established that the GET and
HEAD methods SHOULD NOT have the significance of taking an action other than retrieval.
The POST method is used to request that the origin server accept the entity enclosed in the request as a new subordinate of the resource identified by the Request-URI in the Request-Line. POST is designed to allow a uniform method to cover the following functions:
- Annotation of existing resources;
- Posting a message to a bulletin board, newsgroup, mailing list, or similar group of articles;
- Providing a block of data, such as the result of submitting a form, to a data-handling process;
- Extending a database through an append operation.