Since some of my PHP scripts receive data from a form POST or from a direct link in the URL....I've been using $_REQUEST.
However, my client says the scripts are not populating anything. Yet they do on my end. We both have Firefox 7.01 and Chrome. Both browsers work for me, but he said neither browser will populate data.
He's said he's had some other users try it and some get the data and some do not. The only way I've found to fix it is to change my variable sets from $_REQUEST to either $_GET or $_POST. But then not all my script works.
For example, sometimes the URL passes ID=55&act=reviewapp while a form passes to the same script ID = 55 and act = updateapp
//preference given to values in POST
$myName = (isset($_GET['myName']))?$_GET['myName']:'';
$myName = (isset($_POST['myName']))?$_POST['myName']:$myName;
A general rule is that GET values shouldn't be used to change any states (such as deleting a post or user).
Probably not enough info to come up with a definitive answer. In general, I think you are better served by using the explicit source ($_GET or $_POST or $_COOKIE) as applicable, rather than $_REQUEST. If you do need to use $_REQUEST, be aware that if two or more of those specific sources come in to the page with the same key, which one will show up in $_REQUEST depends on your PHP configuration's setting of the gpc_order directive.
Rather than depending on that setting, you may be better served by checking the sources yourself in the desired order, e.g.:
PS: Looks like I started replying just before Criterion's reply appeared, so just wanted to note I am replying to the OP, not to Criterion.
"Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
~ Terry Pratchett in Nation
if you leave form method blank, some browsers may just guess.... hey it's GET, or maybe it's POST. Only reason I can see for it.
Like criterion said, the only real rule of thumb I use is that post is better for submitting large amounts of data, get is better for browsing and retrieving data by id. It's not that hackers are idiots and can't figure out how to xsrf with post or anything, it's just how I generally do things. search engines don't pick up on post data, but they can understand a URL like this:
Sometimes ppl may think that im repetitve or something, but this is the type of thing that made me go for the php code generators, there is some ways to pass parameters using some global variables that is secure and encrypted.
I dont like to lose time on things like this, just to tell you that i use 2 differente types of generators and pass 80% of my development time using then.
If you want an alternative, let me know
I need a frequency analysis bar chart as a PNG for the freq of 0x00 through 0x7F for an arbitrary input file which might be binary and greater than 2 GB.
Get me 80% of the way there
I use (, ; : -) as I please- instead of learning the English language specification: I decided to learn Scheme and Java;
Reply With Quote
Bookmarks