$_GET and $_POST are Superglobal variables in PHP which used to collect data from HTML form and URL.
PHP Form Handling
This chapter shows how to collect submitted form-data from users by using POST and GET method.
The example below contains an HTML form with two input fields, and a submit button:
Example:
<html>
<body>
<form action="registration.php" method="post">
Name: <input type="text" name="name">
Email: <input type="text" name="email">
<input type="submit">
</form>
</body>
</html>
When the user fills out and submits the form, then form data will be sent to PHP file: called registration.php.
registration.php page has following code to print submitted data:
<html>
<body>
Welcome <?php echo $_POST["name"]; ?>!
Your email address is <?php echo $_POST["email"]; ?>
</body>
</html>
Program Output:
Welcome Alex! Your email address is [email protected].
Form GET/POST method and PHP $_GET/$_POST
There are two ways the browser(client) can send information to the web server.
- The GET Method
- The POST Method
PHP $_GET Variable
In PHP, the $_GET variable is used to collect values from HTML forms using method get.
Information sent from an HTML form with the GET method is displayed in the browser's address bar, and it has a limit on the amount of information to send.
Example:
<html>
<body>
<form action="registration.php" method="get">
Name: <input type="text" name="name">
Email: <input type="text" name="email">
<input type="submit">
</form>
</body>
</html>
When the user clicks on the "Submit button", the URL will be something like this:
registration.php looks like this:
<html>
<body>
Welcome <?php echo $_GET["name"]; ?>!
Your email address is <?php echo $_GET["email"]; ?>
</body>
</html>
When to use method="get"?
- The variable names and values will be visible in URL if HTML forms submitted by the GET method.
- The GET method is restricted to send up to 2048 characters only.
- When you submit sensitive information like passwords then should not use this method.
- GET method can't be used, to send binary data like images and Word documents.
- GET method data can be accessed using PHP QUERY_STRING environment variable.
- PHP $_GET associative array is used to access all the sent information by GET method.
PHP $_POST Variable
In PHP, the $_POST variable is used to collect values from HTML forms using method post.
Information sent from a form with the POST method is invisible and has no limits on the amount of information to send.
Note: However, there is an 8 MB max size for the POST method, by default (can be changed by setting the post_max_size in the php.ini file).
Example:
<html>
<body>
<form action="registration.php" method="post">
Name: <input type="text" name="name">
Email: <input type="text" name="email">
<input type="submit">
</form>
</body>
</html>
When the user clicks on the "Submit button", the URL will be something like this:
registration.php looks like this:
Example:
<html>
<body>
Welcome <?php echo $_POST["name"]; ?>!
Your email address is <?php echo $_POST["email"]; ?>
</body>
</html>
When to use method="post"?
- The POST method does not have any restriction on data size to be sent.
- The POST method can be used to send ASCII as well as binary data.
- The data sent by POST method goes through HTTP header, so security depends on HTTP protocol. By using Secure HTTP, you can make sure that your information is secure.
- PHP $_POST associative array is used to access all the sent information by POST method.
- Variables are not visible in the URL so users can't bookmark your page.
The PHP $_REQUEST Variable
The $_REQUEST variable contains the contents of $_GET, $_POST, and $_COOKIE.
Example:
<html>
<body>
Welcome <?php echo $_REQUEST["name"]; ?>!
Your email address is <?php echo $_REQUEST["Email"]; ?>
</body>
</html>