HTTP Request (GET, POST and Server)
When dealing with forms, you must specify the way that the information entered into the form is transmitted to its destination (method="").
The two ways available to a web developer are GET and POST.
- The GET Method
- The POST Method
Before the browser sends the information, it encodes it using a scheme called URL encoding. In this scheme, name/value pairs are joined with equal signs and different pairs are separated by the ampersand.
name1=value1&name2=value2&name3=value3Spaces are removed and replaced with the + character and any other nonalphanumeric characters are replaced with a hexadecimal values. After the information is encoded it is sent to the server.
GET Method
The GET method sends the encoded user information appended to the page request. The page and the encoded information are separated by the ? character.
- The GET method produces a long string that appears in your server logs, in the browser's Location: box.
- The GET method is restricted to send upto 1024 characters only.
- Never use GET method if you have password or other sensitive information to be sent to the server.
- GET can't be used to send binary data, like images or word documents, to the server.
- The data sent by GET method can be accessed using QUERY_STRING environment variable.
- The PHP provides $_GET associative array to access all the sent information using GET method.
Example Source Code: test.php
<?php
if( isset($_GET["name"]) && isset($_GET["age"] ))
{
echo "Welcome ". $_GET['name']. "<br />";
echo "You are ". $_GET['age']. " years old.";
exit();
}
?>
<html>
<body>
<form action="<?php $_PHP_SELF ?>" method="GET">
Name: <input type="text" name="name" />
Age: <input type="text" name="age" />
<input type="submit" />
</form>
</body>
</html>POST Method
The POST method transfers information via HTTP headers. The information is encoded as described in case of GET method and put into a header called QUERY_STRING.
- The POST method does not have any restriction on data size to be sent.
- The POST method can be used to send ASCII as well as binary data.
- The data sent by POST method goes through HTTP header so security depends on HTTP protocol. By using Secure HTTP (https) you can make sure that your information is secure.
- The PHP provides $_POST associative array to access all the sent information using POST method.
Example Source Code: test.php
<?php
if( isset($_POST["name"]) && isset($_POST["age"] ))
{
echo "Welcome ". $_POST['name']. "<br />";
echo "You are ". $_POST['age']. " years old.";
exit();
}
?>
<html>
<body>
<form action="<?php $_PHP_SELF ?>" method="POST">
Name: <input type="text" name="name" />
Age: <input type="text" name="age" />
<input type="submit" />
</form>
</body>
</html>GET VS POST Methods
POST
- Values not visible in the URL.
- Has not limitation of the length of the values since they are submitted via the body of HTTP.
- Has lower performance compared to PHP_GET method due to time spent encapsulation the PHP_POST values in the HTTP body
- Supports many different data types such as string, numeric, binary etc.
- Results cannot be book marked
GET
- Values visible in the URL
- Has limitation on the length of the values usually 255 characters. This is because the values are displayed in the URL. Note the upper limit of the characters is dependent on the browser.
- Has high performance compared to POST method dues to the simple nature of appending the values in the URL.
- Supports only string data types because the values are displayed in the URL
- Results can be book marked due to the visibility of the values in the URL
$_SERVER Method in PHP
$_SERVER is a PHP superglobal that contains server and request environment details. It gives information about:
- Web server
- Browser
- Request type
- Script location
- IP address
Example Usage
<?php
echo $_SERVER['PHP_SELF'];
echo $_SERVER['SERVER_NAME'];
echo $_SERVER['REQUEST_METHOD'];
?>
Important $_SERVER Keys
| Key | Purpose |
|---|---|
PHP_SELF | Current file name |
SERVER_NAME | Website domain |
HTTP_HOST | Host name |
REQUEST_METHOD | GET or POST |
REMOTE_ADDR | User IP Address |
SCRIPT_NAME | Script path |
Detect GET or POST Using $_SERVER
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
echo "Form submitted using POST";
} else {
echo "Form submitted using GET";
}
?>
Real-Life Example
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$name = $_POST["name"];
echo "Hello " . $name;
}
?>
Summary
| Superglobal | Purpose |
|---|---|
$_GET | Collects URL data |
$_POST | Collects hidden form data |
$_SERVER | Gets server and request info |