SitePoint Sponsor

User Tag List

View Poll Results: Which METHOD is BETTER and WHY ? (GET vs POST)

Voters
35. You may not vote on this poll
  • GET

    3 8.57%
  • POST

    29 82.86%
  • Other (If any)

    3 8.57%
Page 2 of 4 FirstFirst 1234 LastLast
Results 26 to 50 of 85
  1. #26
    SitePoint Wizard samsm's Avatar
    Join Date
    Nov 2001
    Location
    Atlanta, GA, USA
    Posts
    5,011
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by kandalf
    $_GET has a 32K size limit
    I thought Internet Explorer maxed out at 2000 some characters. Do I have that totally wrong?

    I'll take a shot at the insecure post claim, the idea is that GET requests show up in firewall logs and that sort of things, so there are more chances of people harvesting data. It's not so much more or less of a security thing, it's more practical advice based on how information is collected and stored.
    Using your unpaid time to add free content to SitePoint Pty Ltd's portfolio?

  2. #27
    if ($zee == "Guru") { $zee--;}
    Join Date
    Nov 2005
    Location
    Karachi - Pakistan
    Posts
    1,134
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi ,

    Is it possible that we ENCRYPT the DATA to be transfered as then saved it in a temporar text file or Database, then on the Next page the script will read the DATA and DECRYPT it ??? isn't this POSSIbe and MORE SECURE ????

  3. #28
    SitePoint Wizard
    Join Date
    Jan 2004
    Location
    3rd rock from the sun
    Posts
    1,005
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Isnt it the next page that does the storing though...

    You can encrypt in JS but its pretty easy for anyone to un-crypt it again.
    http://javascript.internet.com/misce...encrypter.html

    You really want https:// to make sure the message goes from client to server encrypted.
    isempty()

  4. #29
    SitePoint Evangelist pompopom's Avatar
    Join Date
    Feb 2004
    Location
    Huldenberg (Belgium)
    Posts
    426
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Will Kelly
    I'm reliably informed that someone shot my pigeon. Sorry about that.
    sorry I noticed the little paper around it's neck too late...
    The Path of excess leeds to the tower of wisdom (W. Blake)

  5. #30
    ********* wombat firepages's Avatar
    Join Date
    Jul 2000
    Location
    Perth Australia
    Posts
    1,717
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    zeeshanhashmi, the problem is your question is wrong.
    is GET better than POST for $what

    There are some things commonly we use GET for e.g passing information to page controllers ?blah=yak article=5 ..etc
    Then more commonly for forms is the POST method , most people who know the difference use POST though GET is acceptable as well.

    which is better an apple or a bicycle ? ... depends if you are hungry or in a rush

  6. #31
    SitePoint Wizard Young Twig's Avatar
    Join Date
    Dec 2003
    Location
    Albany, New York
    Posts
    1,355
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Zeeshan, are you by any chance related to Dave Dalton?

  7. #32
    Evil Genius MilchstrabeStern's Avatar
    Join Date
    Nov 2003
    Location
    Arizona
    Posts
    1,131
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Will Kelly, of course you can use pigeon, it is one of my favorite form processing methods!

    HTML Code:
    <form action="" method="pigeon">
    
    <input type="textbox" size="30" name="message">
    
    </form>
    Sadly, the form processing time is quite slow and sometimes never goes through, as Will mentioned

    PHP Code:

    if (isset($_PIGEON['submit'])) {

    $message $_PIGEON['message'];

    function 
    feedPigeon($foodtype,$amount,$pigeon_name) {
             
    databaseConnect(mplionhearts);

    $feed "INSERT INTO pigeon(foodtype, amount) VALUES ( '$foodtype','$amount')  WHERE pigeon = '$pigeon_name' ";

    }

    feedPigeon(peanuts,5,sam);


    Last edited by MilchstrabeStern; Jan 15, 2006 at 00:25.
    ]

  8. #33
    SitePoint Enthusiast
    Join Date
    Dec 2004
    Location
    Oklahoma City, OK, USA
    Posts
    51
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The question to the original post has been answered (quite humorously by a few), but I thought I would point something out on a note:

    Quote Originally Posted by kandalf
    $_GET is much more insecure than $_POST
    That's a common misperception by a lot of people starting in PHP. I know when I started programming PHP, I didn't think it was necessary to escape strings before using them in queries if the data was posted from a select input method, since I controlled what values each of the select options were. I thought that data couldn't be manipulated, unlike the GET method where the use could just edit the URL in the address bar.

    However, all someone needs to do is see this firefox extension to realize that anytime you accept any request (GPC) from a user, you need to take equal steps to sanitize the data to protect against SQL injections and other mischievous attempts

    As far as which is better... apples and oranges. They are differently shaped tools, each used for a specific type of task.

  9. #34
    if ($zee == "Guru") { $zee--;}
    Join Date
    Nov 2005
    Location
    Karachi - Pakistan
    Posts
    1,134
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Ok, now i get the idea. Actually, what I understood formerly is that POST / GET and (Pegion) all are different modes of Transfering data from 1 to another page. But now, with the help of u all, i come to know that it depends upon the situation. Like (as per my understanding) if FORM processing is Requried then offcourse POST is the best option, while (for example) for the NAVIAGATION across the different pages of a THREAD in a forum should be done with GET.

    Apart from these situations, Pegion is the best but distance do matter as well.

    Is my understanding OK now ?

  10. #35
    Evil Genius MilchstrabeStern's Avatar
    Join Date
    Nov 2003
    Location
    Arizona
    Posts
    1,131
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I think you have it down pretty good, POST should be used for processies that will modify something. GET should be used when the data is only required for temporary purposes,and will not modify anything.

    However, Pigeon is your best option if POST and GET don't seem to fit. Pigeons can't be hacked... electronically.
    ]

  11. #36
    ********* wombat firepages's Avatar
    Join Date
    Jul 2000
    Location
    Perth Australia
    Posts
    1,717
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Pigeons can't be hacked... electronically.
    I think thats why google use them for pigeonrank else SEO companies might be able to skew the results ...
    http://www.google.com/technology/pigeonrank.html

  12. #37
    Keep it simple, stupid! bokehman's Avatar
    Join Date
    Jul 2005
    Posts
    1,935
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by zeeshanhashmi
    if FORM processing is Requried then offcourse POST is the best option
    Not necessarilly; there are occasions when GET is a much better choice! For example, as stated above, "in cases with no lasting effect". Generalisations such as yours lead to rigid coding that lowers the usability of applications.

  13. #38
    SitePoint Wizard silver trophy kyberfabrikken's Avatar
    Join Date
    Jun 2004
    Location
    Copenhagen, Denmark
    Posts
    6,157
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I really recommend that you read this document, or at least the first few paragraphs :
    http://www.cs.tut.fi/~jkorpela/forms/methods.html

    As a simplification, we might say that "GET" is basically for just getting (retrieving) data whereas "POST" may involve anything, like storing or updating data, or ordering a product, or sending E-mail.

  14. #39
    SitePoint Author silver trophybronze trophy

    Join Date
    Nov 2004
    Location
    Ankh-Morpork
    Posts
    12,158
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by zeeshanhashmi
    if FORM processing is Requried then offcourse POST is the best option
    You cannot generalise like that. Some forms benefit from using GET, others from using POST. That's why there's a method attribute in the <form> tag: to allow us to choose.

    If you're writing a search application, you may want to use GET, for instance. That way, you can link to result pages. That's not possible if you use POST.
    Birnam wood is come to Dunsinane

  15. #40
    if ($zee == "Guru") { $zee--;}
    Join Date
    Nov 2005
    Location
    Karachi - Pakistan
    Posts
    1,134
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    All right, got it ArtisticCuckoo

  16. #41
    ********* wombat firepages's Avatar
    Join Date
    Jul 2000
    Location
    Perth Australia
    Posts
    1,717
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    if FORM processing is Requried then offcourse POST is the best option
    You cannot generalise like that. Some forms benefit from using GET, others from using POST. That's why there's a method attribute in the <form> tag: to allow us to choose.
    Generally form processing means processing of form data for storing somewhere/somehow and generally you end up using POST for such things , thats a generalisation but non the less true.

    Yes sometimes I use get but probably 80% of the forms I create are POST based therefore I think its quite fair to say that generally my forms are POSTed.

    Whats the problem with saying that ?, perhaps someone else will post and parrot the same line ? (1st pigeons now parrots )

  17. #42
    if ($zee == "Guru") { $zee--;}
    Join Date
    Nov 2005
    Location
    Karachi - Pakistan
    Posts
    1,134
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    there are situations when Data from a FORM is not Stored nor Used to Modify somthing. The data is EMAILED instead. What should be used in that situation ? Get or POST ?

  18. #43
    Keep it simple, stupid! bokehman's Avatar
    Join Date
    Jul 2005
    Posts
    1,935
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by zeeshanhashmi
    there are situations when Data from a FORM is not Stored nor Used to Modify somthing. The data is EMAILED instead. What should be used in that situation ? Get or POST ?
    Sending email is a "lasting effect" so post should be used(according to W3C).

  19. #44
    if ($zee == "Guru") { $zee--;}
    Join Date
    Nov 2005
    Location
    Karachi - Pakistan
    Posts
    1,134
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    What do u mean by lasting effect moreover, please let me know where i can find such details as u mentioned (according to W3C).

    I have seen some sites where GET is used for these sort of thing......

  20. #45
    Keep it simple, stupid! bokehman's Avatar
    Join Date
    Jul 2005
    Posts
    1,935
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by zeeshanhashmi
    What do u mean by lasting effect moreover, please let me know where i can find such details as u mentioned (according to W3C).
    W3C (forms)

    GET should only be used to retrieve data...
    Example: looking up a word in an electronic dictionary.

    POST should only be used for things other than pure data retrieval...
    Example: booking a plane ticket.

  21. #46
    SitePoint Evangelist Will Kelly's Avatar
    Join Date
    May 2005
    Location
    London
    Posts
    475
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    @ MilchstrabeStern

    Though I think you should factor into the 'pigeon post' the probability of success taking into account chance of ie; being shot (1% most hackers are caffeined up so cant shoot straight); roadkill (needing to nibble, affected by quality of feed), and of the female pigeon delay factor.

    btw a 'Pigeon Get' is when the pigeon brings something back. ie a cookie, but by the time it gets back it's usually a transparent piece of data...

  22. #47
    if ($zee == "Guru") { $zee--;}
    Join Date
    Nov 2005
    Location
    Karachi - Pakistan
    Posts
    1,134
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Really ?

  23. #48
    SitePoint Evangelist Will Kelly's Avatar
    Join Date
    May 2005
    Location
    London
    Posts
    475
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yes. Really.

  24. #49
    if ($zee == "Guru") { $zee--;}
    Join Date
    Nov 2005
    Location
    Karachi - Pakistan
    Posts
    1,134
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    its AMAZING !

  25. #50
    SitePoint Evangelist mrwooster's Avatar
    Join Date
    Jan 2006
    Posts
    518
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    OK - looks like we need to restructure the internet, btw what is the speed of a pigeon - i'm thinking about 0.00000001 kbs - or maybe I am being a bit generous


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •