Basic Web Forms
- To interact with a PHP script all we need is a standard HTML form.
- When we submit a HTML form to a PHP script all the form elements become elements in either the $_GET or $_POST array depending upon which method we used to send the form in the first place.
- $_GET and $_POST are associative arrays. The element keys of which match the names of the fields from our form i.e. if we a have form field called ‘name’ we will have an element that can be access by either $_GET['name'] or $_POST['name'].
- Whether accidentally or on purpose a user may send us some nasty surprises along with the form data. To combat this its always best to clean the data before using it. The trim(), htmlentities() and strip_tags() functions are very useful for this.
What’s the difference between POST and GET?
Technically, GET means that form data is to be encoded by a browser into a URL while POST means that the form data is to appear within a message body. Essentially, “GET”is for getting (retrieving) data whereas “POST” may involve anything, like storing or updating data, etc. Source: http://www.webdeveloper.com/drweb/nov212002.html
Another way to look at this is that when the data is sent using GET the data can be seen as part of the URL this is a good thing if you want people to be able to bookmark dynamic content. However its a bad thing if the data is of a sensitive nature. Such as a username and password. POST data on the other had can’t be seen as part of the URL and so its better for sending sensitive data or lots of data. There is also a limit to the length of a URL (believed to be 1024 bytes) and hence the amount of data that can be sent via the GET method.