Hi,

I'm new to php, I want to know what's the better time to use POST instead of GET(or GET instead of POST)? what's the advantage to use one rather than other.

Thanks.

POST vars are more secure because they are not visible in the URL. Also, if you are posting large amounts of text, GET method is not going to work well. I generally only use GET (querystring) method for pages such as a product detail page. I might do something like product_detail.php?id=15. In this case, I like having the ability to directly call the URL for a specific product. Also, I'm very likely to be using the querystring URL in a link. You can't POST in a link. e.g. <a href="product_detail.php?id=15">Daniweb Logo T-Shirt</a>

As POST is more secure than GET, and can handle larger amount of text, why we still need GET? Even if we cannot POST in a link like <a href="product_detail.php?id=15">, we still can use POST in form to pass id, right?

Correct. You probably should always use method="POST". This is not a rule or a policy, just probably usually best and will suit your needs.

You would use method="GET" in a form if you were submitting your form to a third-party who only accepts GET input.

Use GET for a location if you want somebody to be able to revisit the page. For example, search engines use GET.

Comments
Good point, Rashakil Fol

GET methods also makes it easier for someone to bookmark a page. And your users don't get the annoying "This page contains POST data (...) when they try to use the back and forward buttons in their browser. Also, GET don't need a form (or javascript cheating) - you can easily print out dynamic url-s like "www.somedomain.com/product.php?id=116" in your php scripts, and people can just follow the links, with no need for form handling, which is neat.

General rule of thumb: Use get for pages that views stuff and POST for pages that change stuff. For instance, you don't want an URL a la "www.somedomain.com/products/raiseprice.php?rate=10%", because if someone calls this page twice, they will change the price twice.

Also, information that you would like to be secret should not occur in url's. For instante, don't go "www.somedomain.com/login.php?user=admin&password=adminpass". That's piece of cake to hack, and you don't waht that to happen ;)

Hope this cleared things up.

- Karianne

GET is useful with searches, etc. POST is more secure beacuse you can't see it in the address bar.

If you are dealing with passwords you should use POST always

Hope it helps :D

This article has been dead for over six months. Start a new discussion instead.