Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 16

Thread: POST vs GET

  1. #1
    Senior Coder NancyJ's Avatar
    Join Date
    Feb 2005
    Location
    Bradford, UK
    Posts
    3,174
    Thanks
    19
    Thanked 66 Times in 65 Posts

    POST vs GET

    IMO, theres really no advantage in using GET to handle form data, but I noticed a lot of big sites like google and amazon etc use the querystring to pass data between pages, I was just wondering if anyone had any insight into why they do that?

  • #2
    Senior Coder
    Join Date
    Aug 2003
    Location
    One step ahead of you.
    Posts
    2,815
    Thanks
    0
    Thanked 3 Times in 3 Posts
    The URL with the querystring can be copied and pasted.
    I'm not sure if this was any help, but I hope it didn't make you stupider.

    Experience is something you get just after you really need it.
    PHP Installation Guide Feedback welcome.

  • #3
    Senior Coder
    Join Date
    Jul 2004
    Location
    New Zealand
    Posts
    1,315
    Thanks
    0
    Thanked 2 Times in 2 Posts
    Because GET it for retrieving resources/documents etc. It is considered safe and should not modify any data. POST is for updating/manipulating data.
    Forget style. Code to semantics. Seperate style from structure, and structure from behaviour.
    I code to specs, and test only in Firefox (unless stated otherwise).

  • #4
    Senior Coder NancyJ's Avatar
    Join Date
    Feb 2005
    Location
    Bradford, UK
    Posts
    3,174
    Thanks
    19
    Thanked 66 Times in 65 Posts
    Quote Originally Posted by hemebond
    Because GET it for retrieving resources/documents etc. It is considered safe and should not modify any data. POST is for updating/manipulating data.
    Thats not a reason, querystrings are ugly and I avoid them whenever possible, just because querying data is considered safe doesnt mean you should use GET, it just means that no harm should come of using it. I can however see marek_mar's point about being able to copy the full url.
    The new site I'm working on uses querystring, when I asked why the guy said cos at the time he didnt know any better way of doing it, then later they decided to keep it because it looked 'techy'

  • #5
    Senior Coder
    Join Date
    Jul 2004
    Location
    New Zealand
    Posts
    1,315
    Thanks
    0
    Thanked 2 Times in 2 Posts
    Quote Originally Posted by NancyJ
    Thats not a reason, querystrings are ugly and I avoid them whenever possible, just because querying data is considered safe doesnt mean you should use GET
    Of course you should. That's how the web works. That's what it's for. Using POST requests to retrieve data is stupid and wrong. It goes against well though-out web fundamentals.

    If you want to make clean URL's, use server-side redirection so the user can accept 'nice' URI's.
    Forget style. Code to semantics. Seperate style from structure, and structure from behaviour.
    I code to specs, and test only in Firefox (unless stated otherwise).

  • #6
    Senior Coder NancyJ's Avatar
    Join Date
    Feb 2005
    Location
    Bradford, UK
    Posts
    3,174
    Thanks
    19
    Thanked 66 Times in 65 Posts
    Quote Originally Posted by hemebond
    Using POST requests to retrieve data is stupid and wrong.
    Care to back that up?

    There are many times when you would never use a GET to query the database - just one example - login. That does not manipulate data, it only queries the database to find the user but you wouldnt use a GET for that - or would you?

  • #7
    Senior Coder
    Join Date
    Jul 2004
    Location
    New Zealand
    Posts
    1,315
    Thanks
    0
    Thanked 2 Times in 2 Posts
    Quote Originally Posted by NancyJ
    Care to back that up?
    Ever tried to use Firefox's "Add a Keyword for this Search" function with forms that use POST?
    Quote Originally Posted by NancyJ
    There are many times when you would never use a GET to query the database - just one example - login. That does not manipulate data, it only queries the database to find the user but you wouldnt use a GET for that - or would you?
    You are submitting information to the server. You are sending your credentials. You are modifying data, because you are initiating authorisation. POST should not return anything. After submitting your login details, you should be redirected with a GET request for a new resource (otherwise the user would just see a blank page after logging in).

    Read http://www.w3.org/2001/tag/doc/whenToUseGet.html and http://www.cs.tut.fi/~jkorpela/forms/methods.html , they explain things better than I ever could.
    Forget style. Code to semantics. Seperate style from structure, and structure from behaviour.
    I code to specs, and test only in Firefox (unless stated otherwise).

  • #8
    Senior Coder NancyJ's Avatar
    Join Date
    Feb 2005
    Location
    Bradford, UK
    Posts
    3,174
    Thanks
    19
    Thanked 66 Times in 65 Posts
    The first document basically just says the only reason to prefer GET over POST is for bookmarking/linking/caching as already mentioned.
    The second documents says you should use GET over post for queries just because W3C say so, it also says they give no reason for it, it later goes on to why the specification rules dont work in the 'real world' and there are times when you would have to break the rules either way - eg non ASCII characters possible in input, long query strings, hidden fields.

    So none of that backs up the 'Using POST requests to retrieve data is stupid and wrong.'.

  • #9
    Senior Coder
    Join Date
    Jul 2004
    Location
    New Zealand
    Posts
    1,315
    Thanks
    0
    Thanked 2 Times in 2 Posts
    Quote Originally Posted by NancyJ
    The second documents says you should use GET over post for queries just because W3C say so, it also says they give no reason for it
    You're right. What would the W3C know about the web.

    Tell you what. You use whatever method you want to, and I'll look the other way.
    Forget style. Code to semantics. Seperate style from structure, and structure from behaviour.
    I code to specs, and test only in Firefox (unless stated otherwise).

  • #10
    Senior Coder NancyJ's Avatar
    Join Date
    Feb 2005
    Location
    Bradford, UK
    Posts
    3,174
    Thanks
    19
    Thanked 66 Times in 65 Posts
    Quote Originally Posted by hemebond
    You're right. What would the W3C know about the web.

    Tell you what. You use whatever method you want to, and I'll look the other way.
    Well you and the other sheep can follow any orders you like without any explaination or reasoning, but I'm one of those people who has a brain and can think for myself.
    Just some food for thought, the W3C break their own rules (and admit to it) with their validator and fully admit that blindly following these rules doesnt work in the real world. There are plenty reasons why you would want/need to use post for queries.

  • #11
    Senior Coder
    Join Date
    Jul 2004
    Location
    New Zealand
    Posts
    1,315
    Thanks
    0
    Thanked 2 Times in 2 Posts
    Quote Originally Posted by NancyJ
    Well you and the other sheep can follow any orders you like without any explaination or reasoning, but I'm one of those people who has a brain and can think for myself.
    We do have reasons. And the key to standards is that everyone agrees to follow them. That's why the web has worked as well as it has. You don't want to play? Go make your own sand-pit.

    Can you give me a good reason to not follow these rules?
    Last edited by hemebond; 01-05-2006 at 12:35 PM.
    Forget style. Code to semantics. Seperate style from structure, and structure from behaviour.
    I code to specs, and test only in Firefox (unless stated otherwise).

  • #12
    Senior Coder NancyJ's Avatar
    Join Date
    Feb 2005
    Location
    Bradford, UK
    Posts
    3,174
    Thanks
    19
    Thanked 66 Times in 65 Posts
    Quote Originally Posted by hemebond
    We do have reasons.
    You've still not provided any. Only an idiot would obey a rule blindly without question, just because someone else said so.
    Quote Originally Posted by hemebond
    And the key to standards is that everyone agrees to follow them. That's why the web has worked as well as it has.
    Thats a load of crap.
    Most people dont follow the standards, in fact most people dont even know they exist. The web isnt somewhere where you have to read a rule book and pass a test or agree to terms and conditions before you can make and publish a website. Anyone with a computer can call themselves a 'web designer' and start putting crap out on the web.
    The W3C have nothing to do with the success of the web. Look at their 'achievements'
    October 1996: PNG Recommendation - still not widely used, with gifs and jpgs being prefered for web.
    December 1996: CSS 1.0 - still not fully supported by mainstream browsers
    Feb 1997: WAI - sites that comply are still in the minority

    Dont get me wrong, I'm all for web standards, but you cannot say that they are why the web works, because it just isnt the case.
    The affect they have on the web is minimal. If that changes, great, if it doesnt, the majority of people wont even notice, or care.

    Quote Originally Posted by hemebond
    Can you give me a good reason to not follow these rules?
    I have, twice.

  • #13
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,095
    Thanks
    11
    Thanked 101 Times in 99 Posts
    Only post here if you have a new answer/idea re: the original question.

    Any more bickering and I will set the Spookster on you..
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #14
    Senior Coder missing-score's Avatar
    Join Date
    Jan 2003
    Location
    UK
    Posts
    2,194
    Thanks
    0
    Thanked 0 Times in 0 Posts
    POST vs GET:

    POST can send very large amounts of data and file uploads, whereas GET is usually limited to 1 KB. Sensitive information can be sent through POST becuase it does not appear in the brower address bar.

    GET vs POST:

    URLs ith a querystring can be easily bookmarked by a user, for example google search results. The URL can be copy/pasted and give the same outcome. GET is also very important for people who dont have cookies on a site using PHP sessions. Finally, GET variables can be added to basic links (<a href="..">) and not just in forms (which is required to send POST information).


    IMHO:

    GET is a much better method to use when making requests for data, providing it is used properly. Using GET means copiable URLS and also that implementing .htaccess rewrite rules to access specific pages is very easy. Also (although I'm not sure of the exact rules search engines use), it means that your URL's might be indexed better due to querystring information.

  • #15
    Senior Coder
    Join Date
    Sep 2005
    Posts
    1,791
    Thanks
    5
    Thanked 36 Times in 35 Posts
    It's probably worth noting that while for operations that don't modify things, it's pretty irrelevant which method you use (in most cases...), the opposite isn't true. Using GET for modification is in the majority of cases isn't particularly sensible, for precisely the reason that it can be bookmarked, navigated back to/refreshed (without a friendly browser warning). While this is probably ok for a script that only you will run (it would, for example be easier to run from a command-line should you so desire), if there's end-users involved then it becomes unintuitive.


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •