Hi there
This is my login view
My question is when I requesting a server to check for login credentials then which method I should use get or post.probally my guess is “get” but at that time parameters are visible in the url.
Is there any other method then form which is used to verify login credentials?
Thanks
In MOST cases, forms should use the post method. In the case of logins, that would be ALWAYS use post.
GET is for GETTING information from the server. POST is for POSTING information to the server.
Ya but i think @DaveMaxwell suggestion in case of Login is right
Generally I use common approach of get and post method
GET is only useful when you want to have persistent link (URL) to the query results
Otherwise use POST
“when you want to have persistent link (URL) to the query results” can you explain a bit more it what it mean ?
That means when you submit the form, the form inputs become part of the URL (as you already recognized per your OP). That URL then can be copied/bookmark/shared so that the same results can be returned without having to resort to using the form again.
A good example of what this would be used would be a saved search from a site.
Got it
@DaveMaxwell:
How would GET GET information from the server, @RyanReese ? I sometimes use it to pass values from one page to another (ie id numbers) instead of sessions. But I only use it for unimportant info such as ‘msg=y’ or ‘msg=n’ that won’t cause a security risk. I would never use it for login credentials.
I never said to use it for login credentials. I agree you shouldn’t send passwords via $_GET.
GET requests can be cached
GET requests remain in the browser history
GET requests can be bookmarked
GET requests should never be used when dealing with sensitive data
GET requests have length restrictions
GET requests should be used only to retrieve data
A good example of the bolded is query strings.
I understand all that, @RyanReese . I just didn’t understand your wording that “GET is for GETTING information from the server”. I’d never heard someone explain it that way, and it wasn’t the way I tend to consider it. That’s all. 
I tried to make it easy to remember. Whereas my last post references “retrieving” data, I tried to say “GETTING” in order to associate GET with GETTING/retrieving.
I tried making it easy for the user and ended up making it more complicated 
.
I heard someone say the “GETTING” way before and it made such sense to me. I tried to instill that the same way it was instilled with me. I failed 
.
This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.