Is my code a GET or a POST ??

[scanreg]

I have the following form tag:

 

<form action="?editform" method="post">

 

The php in my index.php file goes like this:

 

if (isset($_GET['editform']))

....etc.

 

I admit, I'm confused.

 

Is the form above a GET or a POST?

 

Many thanks 

[moonman89]

You are telling the form to post to $_POST, but you are trying to recieve a $GET.

I usually use $_REQUEST that contains both...

use print_r($_REQUEST); to see what I mean.

 

[PFMaBiSmAd]

action="?editform" causes a GET variable, editform, to be appended to the URL.

 

When the form is submitted, you will have $_GET['editform'] but the form fields will be $_POST variables.

 

Your code is correct for detecting that your form was submitted.

[.josh]

I have the following form tag:

 

<form action="?editform" method="post">

 

The php in my index.php file goes like this:

 

if (isset($_GET['editform']))

....etc.

 

I admit, I'm confused.

 

Is the form above a GET or a POST?

 

Many thanks 

 

If you look in the opening form tag, you can see what method the form is, by looking for the method=".." attribute.  it will either say "get" or "post"

[scanreg]

So, if I understand it, the form is a POST but it is sending a GET (as well as the POST variables)

 

Sound about right?

 

Many thanks 

[PFMaBiSmAd]

If you want to know for sure what you are getting from your form, use the following -

 

echo "<pre>";
echo "GET:";
print_r($_GET);
echo "POST:";
print_r($_POST);
echo "</pre>";

[roopurt18]

Since you're new I'll give you a small piece of heads up in terms of security.

 

Do not send sensitive information over GET because the web server will typically log requested URLs, including the GET variables.

 

Because logs are plain-text and all sorts of crazy things happen to them (they get archived, they're sent to dev teams for debugging and error fixing, etc.) it's best to not have anything sensitive in them.

 

I hope that makes sense.

[scanreg]

Since you're new I'll give you a small piece of heads up in terms of security.

 

Do not send sensitive information over GET because the web server will typically log requested URLs, including the GET variables.

 

Because logs are plain-text and all sorts of crazy things happen to them (they get archived, they're sent to dev teams for debugging and error fixing, etc.) it's best to not have anything sensitive in them.

 

I hope that makes sense.

 

Yes, absolutely, that has been hammered into my head, that's one of the reasons why I'm trying to understand how a "post" form is somehow resulting in a "get"

 

Many thanks

[patrickmvi]

Your are doing both a GET and a POST, you are POSTing data to a URL with a GET in it.  If you check both the $_GET and $_POST array, they will both have values.

[Third_Degree]

uh guys, PFMaBiSmAd got it right, the point of these two lines of code is to send post data and only process that postdata if the get variable specified in the action attribute exists.  End of story.  You're not "confusing" the server at all.

[gevans]

If you put ?editform into a hidden field you can work the whole form using the $_POST request...

 

<input type="hidden" name="editform" />
if (isset($_POST['editform']))

 

But there's nothing wrong with your current code

[roopurt18]

uh guys, PFMaBiSmAd got it right, the point of these two lines of code is to send post data and only process that postdata if the get variable specified in the action attribute exists.  End of story.  You're not "confusing" the server at all.

 

You're the first one to bring up confusing the server, so I'm not sure what you're talking about.

[Third_Degree]

knew my use of quotes would be attacked, it was a figure of speech?? :-\

 

it just meant that there's nothing wrong with sending multiple request types to the server