PHP GET VS POST

PHP GET VS POST

Category : PHP

In PHP, one can specify two different submission methods for a form. The method is specified inside a FORM element, using the METHOD attribute. The difference between METHOD=”GET” (the default) and METHOD=”POST” is primarily defined in terms of form data encoding. According to the technical HTML specifications, GET means that form data is to be encoded (by a browser) into a URL while POST means that the form data is to appear within the message body of the HTTP request.

 

Get Post
History: Parameters remain in browser history because they are part of the URL Parameters are not saved in browser history.
Bookmarked: Can be bookmarked. Can not be bookmarked.
BACK button/re-submit behavior: GET requests are re-executed but may not be re-submitted to the server if the HTML is stored in the browser cache. The browser usually alerts the user that data will need to be re-submitted.
Encoding type (enctype attribute): application/x-www-form-urlencoded multipart/form-data or application/x-www-form-urlencoded Use multipart encoding for binary data.
Parameters: can send but the parameter data is limited to what we can stuff into the request line (URL). Safest to use less than 2K of parameters, some servers handle up to 64K Can send parameters, including uploading files, to the server.
Hacked: Easier to hack for script kiddies More difficult to hack
Restrictions on form data type: Yes, only ASCII characters allowed. No restrictions. Binary data is also allowed.
Security: GET is less secure compared to POST because data sent is part of the URL. So it’s saved in browser history and server logs in plaintext. POST is a little safer than GET because the parameters are not stored in browser history or in web server logs.
Restrictions on form data length: Yes, since form data is in the URL and URL length is restricted. A safe URL length limit is often 2048 characters but varies by browser and web server. No restrictions
Usability: GET method should not be used when sending passwords or other sensitive information. POST method used when sending passwords or other sensitive information.
Visibility: GET method is visible to everyone (it will be displayed in the browsers address bar) and has limits on the amount of information to send. POST method variables are not displayed in the URL.
Cached: Can be cached Not Cached
Large variable values: 7607 characters maximum size. 8 Mb max size for the POST method.