Difference between GET and POST method in PHP

Two HTTP request methods are used by PHP to send data from a client (like a web browser) to a server: GET and POST. Both methods are used to transmit data, but they each have unique properties and applications.

PHP GET Method

The GET method in PHP allows data to be passed from a web page to a PHP script via the URL. The information is added to the URL as a query string when a user clicks on a link or submits a form using the GET method so that the PHP script can process it.

PHP GET Method Example

Let's build a PHP "GET" method demonstration example. In order to handle the form data, let's first create an HTML form with the action attribute set to the URL of the PHP script as follows:

<form action="process.php" method="GET">
  <label for="name">Name:</label>
  <input type="text" name="name">
  <br>
  <label for="email">Email:</label>
  <input type="email" name="email">
  <br>
  <input type="submit" value="Submit">
</form>

This is a HTML form that allows a user to enter their name and email to submit. The form is submitting data to the "process.php" script using the GET method, which means that the form data will be appended to the URL as a query string.

The $_GET superglobal in "process.php" retrieves form data. $_GET['name'] retrieves the name value. $_GET['email'] retrieves the email value. Now is the time to create the "process.php" script to handle the form data.

<?php
   if (isset($_GET['name']) && isset($_GET['email'])) {
      $n = $_GET['name'];
      $e = $_GET['email'];
      echo "Hi <b>$n</b>, Your email address is <b>$e</b>.";
   } else {
      echo "Error: Missing parameters.";
      exit;
   }
?>

Now this PHP code checks if the 'name' and 'email' parameters are set in the URL query string using the isset() function. If both parameters are set, the code assigns their values to variables $n and $e, respectively, using the $_GET superglobal.

The code then outputs a personalized message "Hi $n, Your email address is $e." to the user, where $n is the value of the 'name' parameter and $e is the value of the 'email' parameter in the query string. The message indicates that the form data are processed successfully. If either 'name' or 'email' parameter is missing from the query string, the code will output an error message ""Error: Missing parameters." and exit the script using the exit() function. This is done to prevent the code from continuing to run if the required parameters are missing.

Now, enter "William" in the "Name" box and "wil123@gmail.com" in the "Email" box, then press the enter key. The information from the form will be sent to the "process.php" script, which will make the following output along with the information shown in the URL.

php get vs post example

PHP POST Method

The POST method in PHP is a way to submit data to a web server from an HTML form. Unlike the GET method, which appends the form data to the URL query string, the POST method sends the data as a separate message in the HTTP request body. This makes it more secure and suitable for submitting sensitive data like passwords or credit card numbers.

PHP POST Method Example

Because the POST method is a secure way to post form data, we can use it to handle some critical forms such as signup or login. As an example:

<form action="login.php" method="POST">
  <label for="user">Username:</label>
  <input type="text" name="user">
  <br>
  <label for="password">Password:</label>
  <input type="password" name="password">
  <br>
  <input type="submit" value="Login">
</form>

This is a HTML form that allows a user to enter their username and password to login. The POST method sends the data as a separate message in the HTTP request body, not as a query string appended to the URL. Now is the time to create the "login.php" script.

<?php
   if (isset($_POST['user']) && isset($_POST['password'])) {
      $u = $_POST['user'];
      $p = $_POST['password'];
      if (valid_login($u, $p)) {
         echo "Hi $u, welcome again!";
      } else {
         echo "Invalid username or password.";
      }
   } else {
      echo "Error: Missing parameters.";
      exit;
   }

   function valid_login($user, $password) {
      return ($user == 'william' && $password == 'will@123');
   }
?>

In this example, the script checks if the 'user' and 'password' parameters are set in the $_POST superglobal using the isset() function. If both parameters are set, the script assigns their values to variables $u and $p, respectively.

The script then calls a function valid_login() to authenticate the user and password. In this case, the function simply checks if the username is "william" and the password is "will@123". If the login is valid, the script outputs a personalized message, "Hi $u, welcome again!" to the user, where $u is the value of the 'user' parameter in the form data. If the login is invalid, the script outputs the error message "Invalid username or password."

If either the "user" or "password" parameter is missing from the form data, the script will show the error message "Error: Missing parameters" and end the script using the exit() function. This is done to stop the code from running if it doesn't have all the required parameters.

Let me show you the demo. I just typed the username and password values as shown in the following snapshot:

difference between get and post in PHP

When I clicked on the "Login" button, here is the output I got:

difference between get and post in PHP

Important: The preceding example is provided solely for your convenience. It is not recommended to use the above code to implement login in your application. Because other codes must be added before logging the user into the website or application to handle the form data more efficiently. I made another post with a more detailed description of the PHP and MySQLi login page.

Advantages of the GET method in PHP

Disadvantages of the GET in PHP

Advantages of the POST method in PHP

Disadvantages of the POST in PHP

PHP Online Test


« Previous Tutorial Next Tutorial »