Post Or Get Method

Ok, I assume you know the basics of forms in html. There are two methods that you can use when creating a form in HTML. They are post and get, as in:

 

or:

 

One thing is that if you don't specify a method, then the Web server assumes that you are using the GET method. So what's the deal? They do the same thing right? Well, almost. You may have noticed that the URL looks a lot longer after you submit a form that uses the get method. For example, you may see something like:



That was just a comment but what if you had to submit password? The problem is the submitted url will be stored in history creating all sorts of security problems. The get method puts the contents of the form right in the URL. There are a few disadvantages to this. First, depending on your Web server's operating system and software, there is a limit to how much data you can send through a form using the get method. On many systems, this limit is 256 characters. Another thing is that, the individual GET queries are nicely stored in your Web server logs. If you are using space on a shared server, then other people on that server may be able to access data sent from your forms that use the get method.

The post method was created to correct the inadequacies of the get method. The information sent using the post method is not visible in the URL, and form data cannot be extracted by looking in the Web server logs. There also isn't such a small limit on the amount of data that can be sent from a form. Again, it depends on your server, but you probably won't ever hit the limit of sending data using the post method for a text-based form.

I use the post method for my scripts unless I need to debug something (I work a lot with php). When you need to debug something on a form, it is easy enough to switch to the get method (by changing the action line in your script) and then check the URL after you submit your buggy form. You can usually pick up typos and such with a quick look.

That is all what you should know about these when creating forms. If you have any doubts then ask here and others post your opinions.

This post has been edited by nitish: Jul 29 2008, 08:08 AM

as for my (limited) php experience I found the GET method quite useful for creating bookmarkable links, this is also what most online tutorials say about it... it also allows you to "rewrite" the URL to get rid of those question marks and create a "virtual" static address

is there a way to do those things while using the POST method?

Yes it might be useful for creating bookmarkable links but when you are sending sensitive information, GET is not good. Then what about the limit? It should also be taken into consideration. Forget everything, what is the need of bookmarking when sending data to server or what you call as virtual static address.

There are definitely times when you need to retain variables in the URL such as preserving settings so users are able to hit the reload button. You provide users with a link generally for example http://asdfasdf.com/index.html?view=1 in an anchor tag. But when you are working with very long forms, ones that go through several stages it can be handy to keep some variables in the URL.

I've used both in some of my forms and even at the same time. I havent had much time to experiment fully and finding out best practices for handling complex forms but its sometime very useful to have as a web developer as it gives you more options. There are many ways to do it but I'll share with you one way I know you can do it. Some may suggest you can keep those vairables hidden input values and just use the post method. This would work except there will be times when
you actually need to preserve some kind of variable in the URL that post just cant seem to handle. I cant think of a clear example right now but I will try and update once I figure it out lol but how you would do it is tag the variables on the action attribute for that form so you can still use post and still use a combination of get as well. I hope that makes sense.

When you combine this kind of form handling along with ajax it gets even more complex. Whats the best way to do it? Sure keeping it simple by presenting one long form would work but thats usally not desirebale to present your user with a long form. All they will see is work and will not want to spend the next 10 minutes filling it out. You break it up in to stages and give them an indication of how long it will take. What about all those error checking. Do you do it at the server or at the broswer using javascript? It all depends on what your checking for. Existing users will need to be checked at the database and anything simple that can be done at the broswer should be done there. Also do you use ajax to check it or just check on pre-submission with javascript and display the mistake there or at the server and display it after the initial submit?

Gmail has a nice elagant way of handling your request using ajax. It handles most of your request without entire page reloading. If you could design your forms in that way it would be alot nicer to the user but its alot of work and can be complex so there is so much way to handle user inputs.

If there was a book that listed all the best practices and teach you how to implement them I would defintely but it but I think the real problem here is the use of HTML and the www is evolving and continuelly evolving. Something written this year might not work for next year. The professions who design and build complex and use the methods for handling user input probably keep it a secret because they know it gives them the advantage over other novice developers. I think unless its been doucmented somewhere the only way you will learn and become a real pro is to do it.

Look at example forms created by major sites and document how they are done. their advantages and disadvantages and try and take and combine them into your own needs.

I've done two kinds of formal Internet website related papers at my university and they are not even teaching you anything advanced. I think a specialized school for web development would be better but then again you will only learn about that aspect. Even then you will probably need to experiement and learn on your own as they wouldnt be specialist in that field. I've talked to lectures about this and all they tell you is the internet and technologies are always changing so there are no clear best practices document out there unlike conventual desktop development and its true. We we have deal with broswers not meeting standards or supporting certain features.

Sorry about the long rant but I wanted to get my point across. If anyone is an expert out there and can share some info go ahead we newbies need it lol.

well I was mainly referring to getting data out of a database, the pages you generate are likely to be bookmarkable... or even just to save a search result so the user does not have to do it all over again especially if it's some kind of advanced search... agree on sensitive information



you brought up a good point in which I still haven't dug much, but yeah it feels like this kind of integration is what you ultimately need to produce something really functional, something that does not make the user go "what the...."



I've also notice this way of operating of gmail, I think when I have more knowledge of the matter I'll try to understand better how it works!



I'm not an experienced desktop programmer but when I first approached web programming, well you feel quite confined within your tiny page and always have to try to do things smartly without letting the user know what you are actually doing, it's like if the user were continuously looking at you and you only have a tiny little time window to do all your work... ok maybe that's too philosophical but hey one does not just need code

Combination of get and post
Post Or Get Method

Is it possible to use a combination of GET and POST at least even theoritically, I came across the question in a college assignment?

-reply by donaldson

Never use GET when it has a side effect
Post Or Get Method

Note that GET should not be used for operations that cause side-effects, such as using it for taking actions in web applications. One reason for this is that GET may be used arbitrarily by robots or crawlers, which should not need to consider the side effects that a request should cause.

See

http://en.Wikipedia.Org/wiki/Hypertext_Transfer_Protocol#Request_methods

for more detail.

-reply by Kim Spence-Jones

For simple application such as getting data using form , it is better to use POST method.
I got some other charactors in place of 'space' between words while trying with GET method.

To add my two cents, if you want to send a request and get a response, just use GET method, but when you want to send something to the website server to write something. Lets say a registration form, just use POST method, but always remember on the server side, after POST method succeeds, you need to redirect with a GET method, ALWAYS, which a lot of whom are forgetting to do, especially using PHP.

Usually there are problems when you do not redirect with a GET method after POST, you might click the reload/refresh button or push the back button and different browsers sometimes automatically refreshes the content and you might double post without wanting it, in fact I think that browsers act stupid except for Opera, when they ask do you want to send POST data after pushing back button and doesn't give an alternative just to view the page as it was in the cache!

So always remember that after POST you need to redirect to a GET method, just look at this forum Trap17, whenever you post a message, you do get redirected after posting, whenever you do a search for todays topics or whatever using POST, you get redirected to a GET page, you can use sessions or GET variables to save the information after POST or of course if you put the POST data into the database, just get the information from there.