🔥Hot:

Differences And Usage POST and GET on PHP Form

A form is an HTML element for sending data to the server. For details on form elements and input elements in HTML, please visit the form page in html and input elements in html . You may also need to look at the HTML table .

This topic will not go into too much detail about form elements and HTML input, and will focus more on accepting form data on the server side with PHP. Immediately, the following is an example of the script.

<!doctype html>
<html>
  <head>
    <title>Coba Form</title>
    <style>
      table{background: #FB7;}
      table td{padding: 2px; margin: 2px; background: #FFC;}
      table tr:nth-child(odd) td {background: #FFA;}
    </style>
  </head>
  <body>
    <!--action kosong berarti mengirim ke diri sendiri-->
    <form method="POST" action="">
      <table>
        <tr>
          <td>Nama</td>
          <td><input type="text" name="nama" /></td>
        </tr>
        <tr>
          <td>Password</td>
          <td><input type="password" name="password" /></td>
        </tr>
        <tr>
          <td>E-mail</td>
          <td><input type="email" name="email" required /></td>
        </tr>
        <tr>
          <td>Website</td>
          <td><input type="url" name="web" required /></td>
        </tr>
        <tr>
          <td>Jenis Kelamin</td>
          <td><input type="radio" name="kelamin" value="Laki-laki"/>Laki-laki <input type="radio" name="kelamin" value="Perempuan" />Perempuan</td>
        </tr>
        <tr>
          <td>Umur</td>
          <td><input type="number" name="umur"/></td>
        </tr>
        <tr>
          <td>Tanggal Lahir</td>
          <td><input type="date" name="lahir"/></td>
        </tr>
        <tr>
          <td>Hobi</td>
          <td>
            <input type="checkbox" name="hobi[]" value="Gaming"/>Main game<br />
            <input type="checkbox" name="hobi[]" value="Movies" />Nonton<br />
            <input type="checkbox" name="hobi[]" value="Cooking" />Memasak<br />
            <input type="checkbox" name="hobi[]" value="Gardening" />Berkebun<br />
            <input type="checkbox" name="hobi[]" value="Writing" />Menulis<br />
          </td>
        </tr>
        <tr>
          <td>Warna kesukaan</td>
          <td><input type="color" name="warna" /></td>
        </tr>
        <tr>
          <td>Golongan</td>
          <td>
            <select name="golongan">
              <option value="">--Golongan--</option>
              <option value="mahasiswa">Mahasiswa</option>
              <option value="dosen">Dosen</option>
              <option value="staff">Staff / Karyawan</option>
              <option value="umum">Umum</option>
            </select>
          </td>
        </tr>
        <tr>
          <td>Lomba yang diikuti:</td>
          <td>Boleh pilih lebih dari satu<br />
            <select name="lomba[]" multiple>
              <option value="kerupuk">Makan kerupuk</option>
              <option value="pinang">Panjat pinang</option>
              <option value="catur">Catur</option>
              <option value="karung">Balap Karung</option>
              <option value="kelereng">Sendok Kelereng</option>
            </select>
          </td>
        </tr>
        <tr>
          <td colspan="2">
            Penjelasan lebih lanjut mengenai diri Anda:<br />
            <textarea name="keterangan"></textarea>
          </td>
        </tr>
        <tr>
          <td colspan="2"><button name="kirim">Daftar</button></td>
        </tr>
      </table>
      <input type="hidden" name="tersembunyi" value="Kode sesi: ABC DEF XYZ 123 789"/>
    </form>
    <hr />
    Data yang terkirim: <pre><?php print_r($_POST);?></pre>
  </body>
</html>

To learn the code above, it's best if you try to run it. Copy and paste the code above into a .php file, for example form.php. Then run and try to input data into the form that appears.

It should also be explained here that:

  1. hobby[] and race[] are arrays because they end with a []. Array is a PHP data type that can hold a lot of data at once.
  2. print_r() is a function that describes the contents of a variable. Usually an array or object variable.
  3. $_POST, together with $_GET, $_REQUEST, $_SERVER, $_COOKIE, $_FILES, $_SESSION, $_ENV are variables called superglobals. That is, a variable that is always available and accessible no matter what the scope of the variable is.

Method POST pada form PHP

The code above sends data  using the POST method. This method is often used in online registration forms, logins, online payments, guest book forms and so on. The properties of this method are:

  1. The data is not visible to the naked eye.
  2. When the page that received the data submission is refreshed or visited again with the back button. A warning "form resubmission" will appear. That is retransmission of data.
  3. Can hold more data than GET method
  4. Can also be used to send files (discussed in another topic).
  5. In PHP it is taken with $_POST

The nature of number 2 above can be prevented by using the ajax method. The use of ajax will be discussed in a separate topic.

The POST method is better in terms of security than the GET method. However, the security of the POST method can be further improved with https or ssh.

Method GET pada form PHP

In addition to the POST method, there is a GET method. This method is usually used in search forms or as web page navigation. The properties of this method are:

  1. The data sent is displayed on the URL, and can be edited via the URL
  2. When the page that received the data sent is refreshed, the data is automatically sent back without warning
  3. In some browsers, the size of the GET data is limited by the maximum number of characters in the URL (255 bytes)
  4. Unable to send image
  5. On PHP fetched with $_GET

The GET method should not be considered as a way to submit data on a form. The GET method is better used as a web address. For example the address https://www.google.co.id/search?q=learning+C+sharp&start=30 will take us to Google directly with the keyword "learning C sharp", starting from record 30 (page 4) .

We can edit our search on google by editing the URL. But of course it's easier for us to type our search through the search textbox on the google page.

Websites in the past used get as their page referrer. Suppose http://localhost/index.php?a=book will go to the book page. http://localhost/index.php?a=member will go to the member page and so on. Currently, this method has been enhanced (and complicated) by the use of .htaccess files.

The format of the GET method on the URL is:

  1. Starting with a question mark (?)
  2. Each field is separated by an ampersand (&)
  3. For special characters such as spaces, use URL encoding. The space will be %20. The equals sign (=) will be %3D.

Example:

<!doctype html>
<html>
  <head>
    <title>Coba GET</title>
    <!--Menggunakan font-awesome biar tombol cari bisa lebih keren-->
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css">
  </head>
  <body>
    <!--action kosong berarti mengirim ke diri sendiri-->
    <form method="GET" action="">
      Cari: <input type="text" name="katakunci"/>
      Harga Min <input type="number" name="min" />
      Harga Max <input type="number" name="max"/>
      <button name="cari"><i class="fa fa-search"></i></button>
    </form>
    <hr />
    Data yang terkirim: <pre><?php print_r($_GET);?></pre>
  </body>
</html>

Note that in the code above, the form element uses the method="GET" attribute. And also in the print_r function at the bottom, the variable sent to the print_r function is the $_GET variable.

The code above also makes a little use of the font-awesome library to bring up the magnifying glass icon on the search button.

Warning: DO NOT use the GET method for registration forms, login forms or forms with other sensitive information.

$_REQUEST pada PHP

Apart from using $_POST and $_GET the post and get data can also be retrieved with $_REQUEST. $_REQUEST contains the combined $_GET and $_POST data.

Although it looks efficient and easy, it is recommended NOT to use $_REQUEST because it is a security hole. If the script uses $_REQUEST in it, then the web application user can insert POST data via URL whenever he wants.

This is a brief overview of sending form data in PHP along with its security at a glance. May be useful.


Previous Post Next Post