RE: get and post together

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, August 9, 2007 7:55 pm, Daevid Vincent wrote:
> It has a size limit for one (maybe 1k chars?)

The limit has been increased with each version of the HTTP spec, and
implementors have always been encouraged to make the limit as high as
practical.

But they could not claim to be implementing the spec with a limit
SMALLER than the spec.

> and it is trivial for
> someone to modify.

I am always concerned when I see this statement in isolation with
respect to GET, as it might imply to the reader that POST is somehow
harder to modify.

Nothing could be further than the truth!

Any moron can use "Save as..." on a FORM page, then alter each
VALUE="..." to whatever they like, or add more INPUT tags, and then
open the form and click "submit" to send whatever POST data they like!

Similarly, it is equally trivial to open up your own cookie files (in
most browsers) and alter the contents.

> I generally use GET when I think it's a page "setup" the user may wish
> to bookmark (ie: page.php?orderby=name&descending=1&report=69 )

Definitely use GET if you want it bookmarkable.

> And POST for submitting data that I want to save. (ie: add a new user
> and all their glory).

Definitely use POST if it "changes" anything server-side.

Google for "HTTP idempotent" for more info on this.

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux