PHP $_GET & $_POST Variables

Written by Saran on , Updated March 21, 2014
PHP $_GET & $_POST are part of PHP global variables, and can be called anywhere in PHP scripts, both $_GET & $_POST captures data sent with HTML post and get methods. Example below shows how we can use $_GET and $_POST with HTML form to collect data.

Collecting data from HTML Form

The HTML page below contains HTML form with input elements like text fields, checkboxes, radio-buttons, submit buttons. When user fills these elements and clicks submit button, the data is sent to "grab_values.php", which is specified in action form element.Picture below illustrates a typical HTML form procedure with GET method. Next picture is the result of form data captured by PHP page.php_get_post_image.

HTML GET Method

Have a look at HTML form code below. In the form element, we need to specify how we are going to send data to server in "method" form element.
HTML
  • 1
  • 2
  • 3
  • 4
  • 5
<form action="grab_values.php" method="GET">
User Name: <input type="text" name="user_name" />
Location: <input type="text" name="user_location" />
<input type="submit" value="Submit">
</form>
Using PHP, we use just use $_GET global variable in grab_values.php file, which will collect the values sent from HTML FORM page.
PHP
  • 1
  • 2
  • 3
  • 4
<?php
echo 'Hi '.$_GET["user_name"];
echo $_GET["user_location"].' is a cool place';
?>
Flaw of HTML GET method is that the values sent to the server are visible over the browser address bar, therefore sending sensitive data such as passwords, secret keys using GET method is not advisable. Also how long data can be sent using this method is limited to the length of characters allowed in URL by different browsers. Here are few things to note while using GET method :
  • GET requests can be cached
  • GET requests remain in the browser history
  • GET requests can be bookmarked
  • GET requests should never be used when dealing with sensitive data
  • GET requests have length restrictions
  • GET requests should be used only to retrieve data
So the preferred way of sending data to server has been the POST method.

HTML POST Method

A large sized post request can be sent using POST method, since HTML 4.0, forms can also submit data in multipart/form-data as defined in RFC 2388. POST method works similar way as GET, but it is safer than GET because the values are not visible on the address bar and will not be stored in browser history.To use POST just change element method to POST as shown below :
HTML
  • 1
  • 2
  • 3
  • 4
  • 5
<form action="grab_values.php" method="POST">
User Name: <input type="text" name="user_name" />
Location: <input type="text" name="user_location" />
<input type="submit" value="Send My Info">
</form>
And to collect the input field values, we will just use PHP $_POST Predefined Variables:
PHP
  • 1
  • 2
  • 3
  • 4
<?php
echo 'Hi '.$_POST["user_name"];
echo $_POST["user_location"].' is a cool place';
?>
Benefits of using POST method.
  • POST requests are never cached
  • POST requests do not remain in the browser history
  • POST requests cannot be bookmarked
  • POST requests have no restrictions on data length

Error Handling

We should always be careful while collecting GET/POST data, because if a user enters empty values, above PHP script will end-up with an error message on the screen, to deal with unnecessary errors we can use PHP variable handling Functions, something like isset(). This function will return TRUE if the variable exist, allowing us to display a friendly message instead of nasty error. let's modify grab_values.php so it can deal gracefully with empty variables.
PHP
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
<?php

//!(exclamation mark) returns the opposite value of the boolean variable, 
//it means isset() will return true if value is empty.

if(!isset($_POST["user_name"])) //isset returns true when value is empty
{
     die("Please go back and enter name"); //exit page after outputting the message.
}

if(!isset($_POST["user_location"]))
{
     die("Please go back and enter Location"); //exit page after outputting the message.
}

//output result 
echo 'Hi '.$_POST["user_name"];
echo $_POST["user_location"].' is a cool place';
?>
Example above is the simplest way of handling errors, but there are better ways to do it without using die(). I hope this article has helped you understand PHP $_GET, $_POST and error handling, Good luck!
  • today i try send data by get method for 4 hours :) and i use like this data : & #... and used from unicode , ascii , decimal , hex and any function that can help me to use the get method and finaly result that : $_get is the worst method to data passing.dont use or test or kidding with him :)) :) ;)
     Reply
New question is currently disabled!

  • About Sanwebe.com

    Sanwebe.com was founded in 2011 by Saran Chamling. A blog truely inspired by the ever changing web development world. It is a small effort to provide useful tips, tutorials and related resources to web developers.
© Sanwebe.com 2011-2024. All codes MIT license | Snippets | Contact