On Thu, August 9, 2007 7:55 pm, Daevid Vincent wrote: > It has a size limit for one (maybe 1k chars?) The limit has been increased with each version of the HTTP spec, and implementors have always been encouraged to make the limit as high as practical. But they could not claim to be implementing the spec with a limit SMALLER than the spec. > and it is trivial for > someone to modify. I am always concerned when I see this statement in isolation with respect to GET, as it might imply to the reader that POST is somehow harder to modify. Nothing could be further than the truth! Any moron can use "Save as..." on a FORM page, then alter each VALUE="..." to whatever they like, or add more INPUT tags, and then open the form and click "submit" to send whatever POST data they like! Similarly, it is equally trivial to open up your own cookie files (in most browsers) and alter the contents. > I generally use GET when I think it's a page "setup" the user may wish > to bookmark (ie: page.php?orderby=name&descending=1&report=69 ) Definitely use GET if you want it bookmarkable. > And POST for submitting data that I want to save. (ie: add a new user > and all their glory). Definitely use POST if it "changes" anything server-side. Google for "HTTP idempotent" for more info on this. -- Some people have a "gift" link here. Know what I want? I want you to buy a CD from some indie artist. http://cdbaby.com/browse/from/lynch Yeah, I get a buck. So? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php