PDA

Click to See Complete Forum and Search --> : POST vs. GET (number of values)

rch10007
04-17-2006, 07:35 AM
I was just fooling around and I used a form like the following to test how many variables I could pass on my localhost using GET and POST. GET broke at about 353 array values and I am still going strong with 10,400 for POST so far. How many values can you send with POST (I don't want to break my computer to find out!)?


<?php
if(!$some_var)
{
?>

<form action="index1.php" method="POST">
<input type="submit" name="submit" value="Go =>" />
<input type="text" name="some_var[]" value="Value 1" />
<input type="text" name="some_var[]" value="Value 2" />
<input type="text" name="some_var[]" value="Value 3" />
<input type="text" name="some_var[]" value="Value 4" />
<input type="text" name="some_var[]" value="Value 5" />
</form>

<?php
}
else
{
echo count($some_var);
foreach($some_var as $key)
{
echo $key."<br />\n";
}
}
?>
NogDog
04-17-2006, 09:02 AM
GET is limited by the total length of the URI. Different browsers on different systems have different maximums, but to play it safe you should probably avoid anthing greater than 255 bytes (that's for the total URI, not just the URL query string).

POST data has no logical limit imposed by the web standards, so any maximum would be either due to resource limits on the client or the server, or possibly some locally specified maximum on the web server (such as to prevent DOS attacks by sending gigabyte-sized POST data.)

And of course, once the data gets there, you might be limited on your server as to how much memory your PHP scripts are allowed to use, which will include the memory used to store the $_POST array.
rch10007
04-17-2006, 09:05 AM
I was thinking about that whole DOS attack thing while I was running those test just to see what would happen. I was watching my little CPU indicator jumping through the roof while I was sending over 10000 array values, that's a lot of bytes! You could burn a CPU easy that way.
bokeh
04-17-2006, 10:22 AM
There is not limit to the size of GET data imposed by thepertinent RFC except that servers must be able to handle any query string which they serve but as Nogdog points out the real limitation comes from user agents.

With POST data there is no limitation imposed by the RFC nor by the user agent. This is because POST requests have a request body and the key/value pairs are contained within the request body rather than just being sent as headers.

PHP itself though, does contain a limit to the maximum size of POST data and this is found in php.ini.