2

I am writing a PHP application that has a few forms. Often when a form is submitted I want to 1) update the database, then 2) forward to an URL. Usually the URL is dynamically constructed using parameters that were supplied as part of the last request.

My question is this: if a parameter is supplied in a request, solely for the purpose of constructing the 'forward to' url, should it be passed in the $_POST array or the $_GET array?

At the moment any parameters that need to be persisted as passed in $_POST, and those used solely for redirection are passed in $_GET.

This response, https://stackoverflow.com/a/1993498/356282, suggests that I should choose one method or the other...

Community
  • 1
  • 1
DatsunBing
  • 8,684
  • 17
  • 87
  • 172
  • 2
    The accepted answer in the question you posted nails it pretty well. So long as you're not building a REST API I would say it is fine to include parameters that do not have side effects in GET. In the case of a user application you can argue that using both GET and POST will keep your operations separate: POST for updating and GET for routing. – Mathew Tinsley Jan 05 '15 at 05:57
  • One important thing to keep in mind here is that GET arguments show up in the URL, while POST arguments do not. From and end-user perspective, creating a new GET request is as easy sending someone a URL that has a query string in it. Creating a POST request is more difficult (meaning inconvenient). If that convenience factor plays no role in your application, I would say it doesn't really matter which method you choose. There are other considerations (e.g. GET has a more limited size than POST as far as data), but they may not come into play here. – Jacob Chappell Jan 05 '15 at 05:57
  • Jacob makes a good point about GET parameters being visible in the URL. Another thing to consider is what will happen if a GET request is made to that URL. Will your application work correctly if a users posts data, copies the resulting URL and then visits it later without submitting the form? – Mathew Tinsley Jan 05 '15 at 06:00
  • @mtinsley Your comment here is more clear than any answer in the linked question. I also think this question is better/may provide better future reference. Consider writing your comment as an answer -- you have my +1 – Niels Abildgaard Jan 05 '15 at 12:44

1 Answers1

0

I don't know the logic of your application but consider if your redirection is about users accessing some resources and it's about a authorizing users it's better parameters related to forward be in post global var. here's good tutorial on POST and GET. http://blog.teamtreehouse.com/the-definitive-guide-to-get-vs-post and also here's a question I think which can help you. When should I use GET or POST method? What's the difference between them?

Community
  • 1
  • 1
Majid Abdolhosseini
  • 2,191
  • 4
  • 31
  • 59