The variables in $_REQUEST are provided to the script via the GET, POST, and COOKIE input mechanisms.
Is there a way in code igniter to access GET and POST both data through one predefined variable or function
You can use
$this->input->post_get('some_data', TRUE);
This will work like $_REQUEST.More function are there like cookie,server.
For more information check here
Hi i am looking at differences between $_GET and $_POST methods , i came across some articles that says
A POST request also has $_GET parameters
So a POST request is a superset of a GET request; you can use $_GET in a POST request, and it may even make sense to have
parameters with the same name in $_POST and $_GET that mean different
things.
When should I use GET or POST method? What's the difference between them?
http://www.sitepoint.com/on-get-and-post/
And there is an example also
For example, let's say you have a form for editing an article. The
article-id may be in the query string (and, so, available through
$_GET['id']), but let's say that you want to change the article-id.
The new id may then be present in the request body ($_POST['id']).
so how can we use $_GET['id'] and $_POST['id'] at the same time , confusing .
Please explain this with a simple example . so everyone including me , who does not understand this can understand well .
Thank you in advance :)
I'll explain to you by using an example:
<form method='post' action='edit-article.php?article_id=3'>
<label for='article_name'>Article name:</label>
<input type='text' name='article_name' value='' />
<input type='submit' name='edit' value='Change article name' />
</form>
When you press submit you will be redirected to edit-article.php?article_id=3
Here you will have the following variables set:
$_GET['article_id'] (from url), $_POST['article_name'](from form) and $_POST['edit'] (the submit button, also via form)
Perhaps the simplest way to understand this is that $_GET is simply badly named. All it actually represents is the values of "query string" parameters parsed from the part of a URL after a ?. Since every request has a URL, whatever type it is, any request can populate $_GET.
$_POST, on the other hand, is populated only for POST requests, and even then only those whose request body is in a particular format.
When you use method=get in HTML, the browser just creates a URL based on the form data, and asks for that URL with a GET request the same as you typing it into the address bar. With method=post, the form data is sent separately from the URL, but the URL might still contain a ? and a query string.
Think of it like this. You have two completely different arrays:
$A = array();
$B = array();
Now you can write this piece of code:
$A['id'] = 8;
$B['id'] = 5;
The above code is completely valid. These are different arrays, they just happen to have the same keys with different values assigned to them.
$_GET and $_POST are different variables. Everything you write into the url query will show up in the $_GET variable, evrerything you send via POST will end up in $_POST. So you can set the same key in the URL query and in the POST data.
However, $_REQUEST holds the data of $_GET, $_POST and $_COOKIE. If you have the same keys in $_POST and $_GET we can assume, that $_REQUEST will hold only one of the values. I actually do not know, which value will be saved in $_REQUEST and I hope someone else knows the answer to that, because I am very curious about that.
I call my php file in the browser with "...test.php?text=Hello" but the $_POST variable stays empty (also print_r($_POST) returns array() ).
Why? Do I need to activate the post variable or something?
Thanks.
Variables passed in through the URL end up inside $_GET, not $_POST.
$_POST contains variables parsed by reading the HTTP request body when the method is POST. In this case the method is not POST and there is also no request body.
If you pass the variable through the URL you use $_GET.
Also, you will access the variable with:
$_GET['text']
This is a array that is sent through and you need to specify what item in the array you want to use.
...test.php?text=hello passes data via the GET method (accessible via $_GET in the processing script).
$_POST gets populated by forms or cURL access (when the transfer method is defined as "post")
Beginners PHP Question: What the difference between $_POST and $_FILES?
PHP.net says:
$_POST is an associative array of variables passed to the current script via the HTTP POST method
$_FILES is an associative array of items uploaded to the current script via the HTTP POST method
Could anyone explain what this means in practical terms?
Both $_POST and $_FILES are so called in php "superglobals". They are predefined variables(arrays), which means they are available in all scopes throughout a script. There is no need to declare them to access them within functions or methods.
$_POST contains all the data from forms (except files)
$_FILES contains all files sent to server via forms (only from <input type="file" />)
$_POST and $_FILES are called 'superglobals'.
$_POST contains the data from the form without displaying it in the url address. So it's safe in posting data.
But for files you have to use $_FILES, because files can not be posted using $_POST.
Hope it will work for you.
Both $_POST and $_FILES are so called in php "superglobals".
They are predefined variables(arrays), which means they are available in all scopes throughout a script.
There is no need to declare them to access them within functions or methods.
$_POST contains all the data from forms (except files)
$_FILES contains all files sent to server via forms
(only from )
Which of these code will be faster?
$temp = $_REQUEST['s'];
or
if (isset($_GET['s'])) {
$temp = $_GET['s'];
}
else {
$temp = $_POST['s'];
}
$_REQUEST, by default, contains the contents of $_GET, $_POST and $_COOKIE.
But it's only a default, which depends on variables_order ; and not sure you want to work with cookies.
If I had to choose, I would probably not use $_REQUEST, and I would choose $_GET or $_POST -- depending on what my application should do (i.e. one or the other, but not both) : generally speaking :
You should use $_GET when someone is requesting data from your application.
And you should use $_POST when someone is pushing (inserting or updating ; or deleting) data to your application.
Either way, there will not be much of a difference about performances : the difference will be negligible, compared to what the rest of your script will do.
GET vs. POST
1) Both GET and POST create an array (e.g. array( key => value, key2 => value2, key3 => value3, ...)). This array holds key/value pairs, where keys are the names of the form controls and values are the input data from the user.
2) Both GET and POST are treated as $_GET and $_POST. These are superglobals, which means that they are always accessible, regardless of scope - and you can access them from any function, class or file without having to do anything special.
3) $_GET is an array of variables passed to the current script via the URL parameters.
4) $_POST is an array of variables passed to the current script via the HTTP POST method.
When to use GET?
Information sent from a form with the GET method is visible to everyone (all variable names and values are displayed in the URL). GET also has limits on the amount of information to send. The limitation is about 2000 characters. However, because the variables are displayed in the URL, it is possible to bookmark the page. This can be useful in some cases.
GET may be used for sending non-sensitive data.
Note: GET should NEVER be used for sending passwords or other sensitive information!
When to use POST?
Information sent from a form with the POST method is invisible to others (all names/values are embedded within the body of the HTTP request) and has no limits on the amount of information to send.
Moreover POST supports advanced functionality such as support for multi-part binary input while uploading files to server.
However, because the variables are not displayed in the URL, it is not possible to bookmark the page.
$_GET retrieves variables from the querystring, or your URL.>
$_POST retrieves variables from a POST method, such as (generally) forms.
$_REQUEST is a merging of $_GET and $_POST where $_POST overrides $_GET. Good to use $_REQUEST on self refrential forms for validations.
I'd suggest using $_POST and $_GET explicitly.
Using $_REQUEST should be unnecessary with proper site design anyway, and it comes with some downsides like leaving you open to easier CSRF/XSS attacks and other silliness that comes from storing data in the URL.
The speed difference should be minimal either way.
Use REQUEST. Nobody cares about the speed of such a simple operation, and it's much cleaner code.
Don't worry. But you should still use the second solution (plus an extra check for none of those variables existing), because there are security issues with $_REQUEST (since $_GET and $_POST aren't the only sources for that array).
There was a post about the problems with $_REQUEST yesterday, I believe. Let me go find it.
EDIT: Oh well, not directly a post, but here it is anyway: http://kuza55.blogspot.com/2006/03/request-variable-fixation.html
if (isset($_GET['s'])) {
$temp = $_GET['s'];
}
else {
$temp = $_POST['s'];
}
Use that because it is safer and it won't make noticeable speed difference
$_GET retrieves variables from the querystring, or your URL.>
$_POST retrieves variables from a POST method, such as (generally) forms.
$_REQUEST is a merging of $_GET and $_POST where $_POST overrides $_GET. Good to use $_REQUEST on self refrential forms for validations.
There are certain security concerns involved as a hacker can set a cookie that will override a $_POST or $_GET value. If you handle sensitive data, I would not recommend using $_REQUEST. – Xandor
you can't be used $_GET alternative of $_POST on some case.
When ??
when you want to upload a file.
when you don't won't to show a data in url.
GET also has limits on the amount of information to send. The limitation is about 2000 characters.
Other thing's there are few case when you can't retrieve a data using $_POST
When ?
when data is passed in URL.
For Rest Service
`GET` - Provides a read only access to a resource.
`PUT` - Used to create a new resource.
there is nothing be wrong to use $_REQUEST.
But the way to do that is to check $_SERVER['REQUEST_METHOD'] explicitly, not rely on $_POST being empty for a GET.
I would use the second method as it is more explicit. Otherwise you don't know where the variables are coming from.
Why do you need to check both GET and POST anyway? Surely using one or the other only makes more sense.
I only ever use _GET or _POST. I prefer to have control.
What I don't like about either code fragment in the OP is that they discard the information on which HTTP method was used. And that information is important for input sanitization.
For example, if a script accepts data from a form that's going to be entered into the DB then the form had better use POST (use GET only for idempotent actions). But if the script receives the input data via the GET method then it should (normally) be rejected. For me, such a situation might warrant writing a security violation to the error log since it's a sign somebody is trying something on.
With either code fragment in the OP, this sanitization wouldn't be possible.
I would use $_POST, and $_GET because differently from $_REQUEST their content is not influenced by variables_order.
When to use $_POST and $_GET depends on what kind of operation is being executed. An operation that changes the data handled from the server should be done through a POST request, while the other operations should be done through a GET request. To make an example, an operation that deletes a user account should not be directly executed after the user click on a link, while viewing an image can be done through a link.
I use this,
$request = (count($_REQUEST) > 1)?$_REQUEST:$_GET;
the statement validates if $_REQUEST has more than one parameter (the first parameter in $_REQUEST will be the request uri which can be used when needed,
some PHP packages wont return $_GET so check if its more than 1 go for $_GET, By default, it will be $_POST.
You are prematurely optimizing. Also, you should really put some thought into whether GET should be used for stuff you're POST-ing, for security reasons.
It's ugly and I wouldn't recommended it as a final solution when pushing code live, but while building rest functions, it's sometimes handy to have a 'catch-all' parameter grabber:
public static function parseParams() {
$params = array();
switch($_SERVER['REQUEST_METHOD']) {
case "PUT":
case "DELETE":
parse_str(file_get_contents('php://input'), $params);
$GLOBALS["_{$_SERVER['REQUEST_METHOD']}"] = $params;
break;
case "GET":
$params = $_GET;
break;
case "POST":
$params = $_POST;
break;
default:
$params = $_REQUEST;
break;
}
return $params;
}
Someone creative could probably even add to it to handle command line parameters or whatever comes from your IDE. Once you decide what a given rest-function is doing, you can pick one appropriate for that given call to make sure you get what you need for the deploy version.
This assumes 'REQUEST_METHOD' is set.