A major problem people have in designing / creating forms is to decide whether to use the GET or POST methods.
GET:
-----
1. URL Changes to the submitted script name, appended with a list
of each variable with the value.
2. Use only if the number of variable to be used in a form ar very less.
3. Never use GET forms when asking for login ID and passwords.
4. Even hidden variables are shown as a part of the URL.
5. A lot of webservers might complain about long URLs being submitted.
A lot of times a URL 255 char or more is a problem.
POST:
-----
1. This is the best way of submitting forms to the web server.
2. There is no limitation on the number of Variables passed from the form.
3. This is a transparent way of transmitting variables to the webserver
where hidden variable are always hidden!
Usage Example
<form method="get" action="testform.html"><span >
<input name="userselected" value="ProcessNow" src="../images/testbutton.gif" type="image">
<input name="id" value="101" type="hidden"> </form><span >
Once the form is submitted, the URL will show as below:
http://www.mywebsite.com/tests/testform.html?
id=101&userselected=ProcessNow&userselected.x=130&userselected.y=42
Notice how the 'id' is shown as a part of the URL. This is not always what you might have wanted. So, here the length of the URL should not be > 255 characters for it to be processed properly by all webservers.
Usage Example
<form method="post" action="testform.html"><span >
<input name="userselected" value="ProcessNow" src="../images/testbutton.gif" type="image">
</span> <span >
Once the form is submitted, the URL will still show:
http://www.mywebsite.com/tests/testform.html
GET Method:
1. All the name value pairs are submitted as a query string in URL.
2. It's not secured as it is visible in plain text format in the Location bar of the web browser.
3. As the data transfers through address bar (URL) there are some restrictions in using space, some characters like ampersand (&) etc in the GET method of posting data. We have to take special care for encoding data if such special characters are present.
4. Length of the string is restricted.
5. If method is not mentioned in the Form tag, this is the default method used.
6. If get method is used and if the page is refreshed it would not prompt before the request is submitted again.
7. One can store the name value pairs as bookmark and directly be used while sharing with others - example search results.
8. Data is always submitted in the form of text
9. If the response of the page is always same for the posted query then use GET example database searches
POST Method:
1. All the name value pairs are submitted in the Message Body of the request.
2. Length of the string (amount of data submitted) is not restricted.
3. Post Method is secured because Name-Value pairs cannot be seen in location bar of the web browser.
4. If post method is used and if the page is refreshed it would prompt before the request is resubmitted.
5. If the service associated with the processing of a form has side effects (for example, modification of a database or subscription to a service), the method should be POST.
6. Data is submitted in the form as specified in enctype attribute of form tag and thus files can be used in FileUpload input box.
No comments:
Post a Comment