In Tutorial 1 I discussed the basics of PHP. I went over the things you can do with PHP, advantages of using PHP, basic syntax, use of variables, and a few things to look out for when coding. In this tutorial, I will go over the basic POST/GET functions and the different ways they can be used.

POST/GET are two functions used in forms. Before I continue, let me explain the pros and cons of both.

The POST function:

The POST function is a great tool when you work with PHP-based websites. There are many advantages to using it. I use the POST function as much as I can for I feel that it is more secure. For example, when you want the users to submit data to the server, you don’t want them to be able to change the information once it’s posted. In some cases that may be good, but if you have hidden fields that you do not want changed, using anything besides the POST method could be bad. Let’s say you have a form where the username must be more than 3 characters but less that 10. By using the POST method, you can secure the page so you are sure the data is within those limits. However, the only downside to using the POST method is that the data must stay on the same server. You can not have a form on one server and POST to another.

The GET function:

There are two cases where you would use the GET function. The first would be when you are submitting data from a form. This method is not always the best because the user can change the data once it is submitted. If your results page isn’t coded correctly, you could face major security risks. As far as submitting data goes, it is best to avoid the GET function. The only time it can be useful is when you are sending data between servers. However, you need to make sure the destination script will check for any changes or flaws in the data the user submitted.

The GET function can be used in a good way. Unlike the POST method, you do not need a form to use GET. The GET function can retrieve information from the url that can be crucial to a website. For example, some sites have one main page (mainly index.php) that calls any other pages. My site, www.ChrisAirey.com, does this. If you click a link on my site, you will be sent to index.php?id= where id equals the destination page. Based on the value of id, the script will call up the necessary files. Sometimes websites have certain options that will change based on the url. I will explain these methods later in this tutorial.

Now let’s examine the POST method.

As I have said before, I recommend naming all of your pages with a .php extension. However, it is not required for your php form. Unless you have other PHP content on the page, the form is 100% HTML. Below is a sample form that will submit username and password.

## Ex 2.1 ##

<form action=”post.php” method=”POST”>
<input type=”text” name=”username”><br>
<input type=”password” name=”password”><br>
<input type=”submit” value=”Log In”><br>
</form>

## Ex 2.1 ##

The above form will send the username and password to post.php. Note that you must specify what method you are using. If you do not specify a method, the form will use the GET method.

Now let’s look at post.php. The main job of this page is to retrieve the information that was posted to it. Sometimes it may insert the data into a database, other times it may query the database. The page may be simple and just echo out the information submitted. Or, it may email someone with a message from the original page. There are no set rules on what you can do with the POSTed information. In this case, we are
going to echo out what was posted.

For our convenience, the information has already been put into a variable. However, it may be a good idea to change its name. Either way, our job is almost done.

The variable used for all data posted is $HTTP_POST_VARS. You can also shorten this by using $_POST. If you echo either $HTTP_POST_VARS are $_POST, the script will echo “Array”. The reason for this is that the $_POST variable contains multiple pieces of information. I will explain this with greater detail in the Array tutorial. In order to retrieve the username or password, you need to add the posted name in between
brackets. If I wanted to retrieve the posted username, I would use $_POST[username]. Note, the name you put between the brackets is what you named it in the form. If you forget to name the input fields on the form, you will not be able to get that information through the destination script.

Below we will echo both the username and password.

## Ex 2.2 ##

<?php

echo “The username you submitted was: $_POST[username]<br>”;
echo “The password you submitted was: $_POST[password]“;

?>

## Ex 2.2 ##

If I entered in “Chris” for the username and “Airey” for the password, the page would read:

The username you submitted was: Chris
The password you submitted was: Airey

If you want to shorten the variable name, you will have to change it. However, you cannot change the name of the variable completely. Before we learned how to create a variable and add a value to it. We will do the same for this:

$username = $_POST[username];
$password = $_POST[password];

Now we will redo the above script with the new variables.

## Ex 2.3 ##

<?php

$username = $_POST[username];
$password = $_POST[password];

echo “The username you submitted was: $username<br>”;
echo “The password you submitted was: $password”;

?>

## Ex 2.3 ##

When you view the page, the information will be the same as it was above. One thing to remember, if you echo $_POST[username] again, you will get the original value. This can be good for several reasons. I generally use this when encrypting a password. The below script shows how you can change a variable’s information yet still view what was originally posted.

## Ex 2.4 ##

<?php

$username = $_POST[username];

$username = “($username)”;
$password = “($_POST[password])”;

echo “The username you submitted was: $_POST[username]<br>”;
echo “The password you submitted was: $_POST[password]<br>”;
echo “The altered username you submitted was $username<br>”;
echo “The altered password you submitted was $password”;

?>

## Ex 2.4 ##

I added several things to the above script to show you how you can combine multiple methods. Before I continue, let me show you what the above script would have generated.

The username you submitted was: Chris
The password you submitted was: Airey
The altered username you submitted was (Chris)
The altered password you submitted was (Airey)

First, I decided to create a variable username and fill it with the information supplied in $_POST[username]. After I made the variable, I decided to change it again. However, this time I added parentheses around the username. The process itself took me two steps. For the password, I cut out the first step. Instead of
creating the variable then adding the parentheses in step two, I created the variable and added the parentheses at the same time. If I wanted to, I could have done everything as I echoed it. Example:

echo “The password you submitted was: $_POST[password]<br>”;
echo “The altered password you submitted was ($_POST[password])”;

I will explain the uses of POSTed information with more depth as I get to database and management tutorials.

The GET method can be used for the same purposes as the POST method. I will cut this section fairly short since you retrieve the variable the same way. If you were making a form and wanted to retrieve the data, you could use either $HTTP_GET_VARS or $_GET. Everything else is the same as POST. The one difference between POST and GET is that you do not need to officially submit GET.

If you are not submitting data, you can change GET values just by altering the url.

When adding information to a url, you need to remember some basic syntax.

www.chrisairey.com/index.php?

For any webpage that uses GET data, you need to add a question mark after the file name. If the page you are querying is the index page, the file name isn’t even required. For example:

www.chrisairey.com/?

Since index.php is the directory page, I do not need to call it specifically. However, if I were querying post.php, I would need to include the entire path.

www.chrisairey.com/post.php?

Now to add the variables.

Adding a variable is quite simple. Just use variable=value. Below, id will be equal to home.

www.chrisairey.com/index.php?id=home.

If index.php had a script that read:

echo $_GET[id];

the returned value would be “home”. If you want to add more than one variable to a page, simply add the & sign after each value.

www.chrisairey.com/index.php?id=home&door=closed

If you do not want to define a value you can do the following:

www.chrisairey.com/index.php?id=home&door=&window=shut

Or, you can simply not name it at all. Remember, though, to add the & sign after each variable. The & sign is not required after the last variable in a string.

I’m now going to make a simple page with a menu.

<a href=”index.php?id=start”>Start</a><br>
<a href=”index.php?id=stop”>Stop</a>

You can clearly see that it is quite simple to define the GET variables. I will use these two functions (POST and GET) later in my tutorial series.

Need a web hosting provider for your PHP scripts? Try ReadySetConnect.com