The PHP variables $_GET and $_POST
There are two methods for sending data from the client browser to the web server:
The HTML page below contains an HTML form with input elements of different types: text, password, checkbox, radio, select... When the user fills in these elements and clicks the submit button, the data will be transferred to the destination file "exemple.php" specified in the action attribute of the form.
The following image shows an example of an HTML form with the GET method and the result captured by the page PHP.
inside the "imprime_infos.php" file, we used the $_GET variable to collect the received values (name and age).
- The GET
- The POST
The HTML page below contains an HTML form with input elements of different types: text, password, checkbox, radio, select... When the user fills in these elements and clicks the submit button, the data will be transferred to the destination file "exemple.php" specified in the action attribute of the form.
The following image shows an example of an HTML form with the GET method and the result captured by the page PHP.
The GET method
The GET method sends the encoded information to the destination page. The page and the encoded information are separated by the character. ?.
http://www.exemple.com/index.php?name1=valeur1& name2=value2Let's take a look at the HTML form below. In the form element, you have to specify how you will send the information to the server in the "method".
< form action="imprime_infos.php" method="GET">
Username: < input type="text" name="name" />
Age: < input type="text" name="age" />
< input type="submit" value="Submit">
inside the "imprime_infos.php" file, we used the $_GET variable to collect the received values (name and age).
if( $_GET["name"] || $_GET["age"] ) {
echo "Hello". $_GET['name']. "< br/>";
echo "You have". $_GET['age']. " years.";
}
?>
After executing the code with under the WampServer server, we obtained the above result, the information of which is visible in the address bar.
- The GET method produces a long string of characters that appears in the server log and browser history.
- The number of characters sent with the GET method is limited to 1024 characters only. So we can't send a long text.
- Never use the GET method to send sensitive information such as password or credit card number and code.
- GET cannot send binary data, such as images and documents, to the server.
- The data sent by the GET method can be accessed using the environment variables QUERY_STRING.
- PHP has a $_GET array to access all the information sent with the GET.
- GET should only be used to retrieve information.
The POST
As described above, the GET method is not secure at all, and therefore, this has led PHP developers to develop an efficient solution to send the information without it appearing in the address bar. In addition, GET is limited to 1024 characters. So, it's better to send the data of a form using the POST method. The POST method works like the GET method, but it is more secure than GET because the values are not visible in the browser's address bar and are not saved in the browser's history.
To use POST, put the POST keyword instead of GET.
- The data sent is not stored in the browser history.
- POST can be used to send binary data.
- The data sent by the POST method is passed through the HTTP header, so security depends on the HTTP protocol. By using a secure HTTP you can be certain that your information is protected.
- PHP has a $_POST array to access all information sent with the POST.
methods Try the following example in the file "imprime_infos.php":
< form action="imprime_infos.php" method="POST">And to collect the information, use the variable $_POST:
Username: < input type="text" name="name" />
Age: < input type="text" name="age" />
< input type="submit" value="Submit">
if( $_POST["name"] || $_POST["age"] ) {
echo "Hello". $_POST['name']. "< br/>";
echo "You have". $_POST['age']. " years.";
}
?> The runtime shows that the information is not visible in the address bar:
The benefits of using the POST:
- The POST method has no restrictions on the size of data to be sent.- The data sent is not stored in the browser history.
- POST can be used to send binary data.
- The data sent by the POST method is passed through the HTTP header, so security depends on the HTTP protocol. By using a secure HTTP you can be certain that your information is protected.
- PHP has a $_POST array to access all information sent with the POST.
The $_REQUEST
The $_REQUEST variable contains the contents of $_GET, $_POST, and $_COOKIE. $_REQUEST is useful for receiving the data in case it comes from both the $_GET and $_POST.methods Try the following example in the file "imprime_infos.php":
if( $_REQUEST["name"] || $_REQUEST["age"] ) {
echo "Hello". $_REQUEST['name']. "< br/>";
echo "You have". $_REQUEST['age']. " years.";
}
?>