GET and POST Methods
The client browser uses two methods to send information from the client to the webserver. These methods are GET and POST. However, before sending the information, the browser first encodes the information using the coding scheme called URL encoding.
In this coding scheme, key-value pairs, which are here name-value pairs, which are here name-value pairs, are combined together in such a way that different name-value pairs are separated by & (ampersand). Any whitespaces are replaced by the plus sign(+) and non-alphanumeric characters are replaced with their hexadecimal values. Once the encoding process is over, the data is sent to the webserver.
The GET Method
When the GET method is used for sending information to the web server, it sends the same along with the page URL. The URL is appended by the encoded information and the question mark sign (?) separates the former from the latter. Some of the key things to note about the use of this method include –
- Since this method appends the page URL, the sent information will also appear in the logs of the server.
- The maximum number of characters that can be sent using the GET method is 1024 characters.
- There is an inherent issue of compromised confidentiality with this method. Therefore, its use must be avoided when you are sending passwords or critical information to the webserver.
- Another inherent limitation of the GET method is that documents and images cannot be sent to the server using this method.
- Besides the above-mentioned, it is also possible to access the data sent using this method by retrieving the QUERY_STRING environment variable. Therefore, data is not safe.
- It is possible to access all the sent information using this method by accessing $_GET, which is an associative array provided by PHP for this purpose.
You can try the sample code given below to understand how this method is used.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
<span style="font-weight: 400;"><?php</span> <span style="font-weight: 400;">if($_GET[“name”] || $_GET[“age”]){</span> <span style="font-weight: 400;">echo “Welcome”. $_GET[‘name’].”<br />”;</span> <span style="font-weight: 400;">echo “You are”. $_GET[age].”years old”;</span> <span style="font-weight: 400;">exit();</span> <span style="font-weight: 400;">}</span> <span style="font-weight: 400;"><html></span> <span style="font-weight: 400;"><body></span> <span style="font-weight: 400;"><form action=”<?php $_PHP_SELF?>” method=”GET”></span> <span style="font-weight: 400;">Name: <input type=”text” name=”name” /></span> <span style="font-weight: 400;">Age: <input type=”text” name=”age” /></span> <span style="font-weight: 400;"><input type=”submit”></span> <span style="font-weight: 400;"></form></span> <span style="font-weight: 400;"></body></span> <span style="font-weight: 400;"></html></span> |
The POST Method
An alternative to the GET method is the POST method. This method makes uses of HTTP headers to transfer information from the client to the server. The encoded information is out into the header. Some of the things that you must know about the use of this method for information transfer has been listed below-
- Unlike the GET method, there is no limitation on the number of characters that can be sent using this method.
- It is possible to send binary as well as ASCII data using this method.
- As far as the security of data is concerned, data security totally lies in the hands of the HTTP protocol. You can ensure higher security of data by using HTTP secure.
- All the data using the POST method can be accessed using the $_POST associative array.
You can try the sample code given below to understand how this method is used.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
<span style="font-weight: 400;"><?php</span> <span style="font-weight: 400;">if($_POST[“name”] || $_POST[“age”]){</span> <span style="font-weight: 400;">if(preg_match(“/[^A-Za-z’-]/”,$_POST[‘name’])){</span> <span style="font-weight: 400;">die(“Name is invalid”);</span> <span style="font-weight: 400;">}</span> <span style="font-weight: 400;">echo “Welcome”. $_POST[‘name’].”<br />”;</span> <span style="font-weight: 400;">echo “You are”. $_POST[age].”years old”;</span> <span style="font-weight: 400;">exit();</span> <span style="font-weight: 400;">} </span>?> <span style="font-weight: 400;"><html></span> <span style="font-weight: 400;"><body></span> <span style="font-weight: 400;"><form action=”<?php $_PHP_SELF?>” method=”GET”></span> <span style="font-weight: 400;">Name: <input type=”text” name=”name” /></span> <span style="font-weight: 400;">Age: <input type=”text” name=”age” /></span> <span style="font-weight: 400;"><input type=”submit”></span> <span style="font-weight: 400;"></form></span> <span style="font-weight: 400;"></body></span> <span style="font-weight: 400;"></hml></span> |
The $_REQUEST Variable
The contents of $_GET and $_POST are available in $_REQUEST. Besides this, $_REQUEST also contains data associated with $_COOKIE> The form data sent to the webserver using both the methods namely GET and POST can be accessed by accessing this variable.
Here $_PHP_SELF variable contains the name of the self script in which it is being called.