===== HTTP Request Methods =====
When accesssing a web page, you can do so using several different types of request methods. The methods are:
* **GET**
* **POST**
* **HEAD**
The most common method is **GET** which is the type of request made when you type an address into your web browser, open a site using a bookmark, or click on a hyperlink on a site. All variables that are passed to the web page are clearly visible in the //location// or //address// string. They appear as a query string which appears after the script name and looks something like ''?action=go&user=ted&pass=secret''. The query string always begins with the question mark (**?**).
Another very common method is **POST** which was designed for handling web forms. This allows a much greater flexibility for passing data in that it enables you to pass large amounts of data. In order to create a post request, you need to write HTML code to create a form like so:
The final method **HEAD**, is only used by search engine spiders to get the meta information about a page (the headers only). Information in the headers includes the date and time when the page was last modified. Search engines uuse this to determine if the page should be crawled again or not. In ordinary web development, you shouldn't need to use this type of request at all. In fact, there is no way to create this type of request using standard HTML (it can only be done programmatically.)
===== Get Variables =====
Get variables are accessed using the built-in global variable **$_GET**. These variables are read from the query string portion of the URL. Because of this, they are always visible to the user in the //address// or //location// bar of the web browser.
// access this script as: script.php?user=Ted
echo 'user = ' . $_GET['user'];
All variables that are passed in the query string must be encoded to ensure the safe passing of data. Even a basic character like the space is encoded using a hexadecimal string which looks like ''%20'' (representing ASCII code 32). Most scripting languages provide a way to do this encoding for us and PHP is no exception. You encode query string data using the [[urlencode]] function.
You should also note that the $_GET array is an associative array (or hashtable). Because of this, you can easy enumerate all of the keys and values using the [[foreach]] construct:
echo 'GET Variables
';
foreach ($_GET as $k=>$v)
echo $k . ' = ' . htmlspecialchars($v) . '
';
===== Post Variables =====
Post variables are form variables that are submitted to a web page via a webform (or programmatically.) They are created by create a web form (using the **FORM** element) and then populating this form with input elements (**INPUT**, **SELECT**, and **TEXTAREA**).
Unlike a **GET** request, these variables are not visible to the user (unless programming in the web page specifically outputs them to the user.)
// access this script by submitting a web form
if ($_SERVER['REQUEST_METHOD'] != 'POST')
echo 'Request method must be POST';
elseif (isset($_POST['username']))
echo 'username = ' . $_POST['username'];
else
echo 'Post variable username was not defined';
Above, you will see we have used the **$_SERVER** built-in variable to test the request method used to access the page. Also, you will notice we test to see if the post variable has been set using the [[isset]] function.
You should also note that the $_POST array is an associative array (or hashtable). Because of this, you can easy enumerate all of the keys and values using the [[foreach]] construct:
echo 'POST Variables
';
foreach ($_POST as $k=>$v)
echo $k . ' = ' . htmlspecialchars($v) . '
';
===== Cookie Variables =====
Cookies are a special variable which is stored on the client's computer. They allow you to persist data across multiple web page requests. Just like **$_GET** or **$_POST**, the built-in variable **$_COOKIE** is an associative array (or hashtable) that gives you access to cookies.
Enumeration of cookies works just like the other built-ins:
echo 'COOKIE Variables
';
foreach ($_COOKIE as $k=>$v)
echo $k . ' = ' . htmlspecialchars($v) . '
';