Code has been added to clipboard!

Home| PHP | Form Action

Master PHP Form Action: Guide on GET and POST Methods

Reading time 4 min
Published Aug 8, 2017
Updated Oct 2, 2019

If you were following our lessons, you have by now learned how to create PHP forms, how to make certain input fields required, and how to validate the data your users enter. Now it's time to learn to make sure you get the information users submitted.

A PHP form action attribute specifies the location to transfer the submitted users' information. You can set the attribute to deliver information to a website or a file.

PHP get and PHP post are superglobal methods, meaning you can use them anywhere in your script. They both send the data users provide to the server. In this tutorial, we will explain in what cases it's better to choose one or the other and how to use them correctly.

Contents

PHP Form Action: Main Tips

  • PHP form action attribute is used to specify where the data is sent to be processed.
  • Superglobals $_POST and $_GET are used to gather data from PHP forms.
  • GET method is used for non-sensitive data and allows bookmarking pages.
  • POST method is used for sensitive data as it is considered more secure.

A Simple HTML Form

In the code snippet below you can see a simple HTML form containing two input fields with a submit button:

Example 
<html>
<body>

<form action="pet.php" method="post">
Pet breed: <input type="text" name="breed"><br>
Color: <input type="text" name="color"><br>
<input type="submit">
</form>

</body>
</html>

After the form is filled in and the submit button is clicked, all data is sent for processing to pet.php, defined in the PHP form action attribute. The method used to send the information is PHP POST.

echo variable is used to display the submitted data. Let's see the code in the file:

Example 
<html>
<body>

Your pet breed is: <?php echo $_POST["breed"]; ?><br>
Color is: <?php echo $_POST["color"]; ?>

</body>
</html>

Now let's try to achieve the same result using PHP GET method:

Example 
<html>
<body>

<form action="pet_get.php" method="get">
Breed: <input type="text" name="breed"><br>
Color: <input type="text" name="color"><br>
<input type="submit">
</form>

</body>
</html>

The file specified in PHP form action attribute (pet_get.php) will now look like this:

Example 
<html>
<body>

Your pet breed is: <?php echo $_GET["breed"]; ?><br>
Color: <?php echo $_GET["color"]; ?>

</body>
</html>

One crucial thing that you must always keep in mind is protection. We need to validate the form data to defend the script against any malicious code.

Note: When working with PHP forms, never forget security: validation is crucial. The examples above only describe the way to send and retrieve PHP form data!

GET and POST Methods

Both PHP POST and GET methods create an array that holds key/value pairs. The key is a form value and the value is the data inputted by the user. GET and POST are treated as superglobals which means they are accessible anywhere.

$_GET is used to pass an array to the script with URL parameters.

$_POST is used to pass an array to the script with the HTTP POST method.

Using PHP GET

Using GET will not hide the information being sent from a form: everything is visible in the URL. Also, this method has limits to the amount of data that could be sent (the threshold is about 2000 characters).

However, as the information is shown in the URL, you can bookmark the pages, and that is pretty useful on some occasions.

In conclusion, this method should be used for processing not sensitive information.

Note: It is very important to emphasise that you should never use the GET method for sending passwords and any sensitive data!

Using PHP POST

Unlike the GET method, the POST method hides data being sent by embedding in the HTTP request body. It also has no limits and supports more advanced functionality like support for multi-part binary input when using an FTP.

Therefore, it shouldn't come as a surprise most coders prefer the POST method for processing data gathered using PHP forms. The only disadvantage it has is the inability to bookmark particular pages.

PHP Form Action: Summary

  • $_POST and $_GET are superglobal variables meant to collect data from forms. Its destination is defined in PHP form action attribute.
  • POST method is generally deemed more secure, so it's better to choose it for sensitive data.
  • GET method can't provide such safety, but allows you to bookmark certain pages.
PHP
Tutorial
Introduction
Installation
Syntax
Variable
Superglobals
Data Types
String
Array
Multidimensional Array
Sort Array
Constant
Operators
Cookies
Sessions
DateTime
Error Handling
Exception Handling
File
Write and Create File
File Open, Read and Close
File Upload
Filtering
Redirecting
Advanced Filters
Forms
Form Required Field
Validate Email/URL
Form Validation
Form Action
Function
Prepared Statements
JSON
Calendar
ZIP File
FTP
HTTP Response
PHP Cheatsheets of Functions
DateTime Functions
Error Functions
File Function
Filter
Math Functions
Mail Function
Miscellaneous Functions
Date Format
String Functions
Array Functions
Directory Functions
PHP and MySQL
MySQL Database
MySQL Connection
MySQL Create Database
MySQL Create Table
MySQL Delete Data
MySQL Insert Data
MySQL Get Last Record ID
MySQL Insert Multiple Records
MySQL Select Data
MySQL Limit Data
MySQL Update Data
MySQLi Functions
PHP and XML
AJAX and MySQL
AJAX Search
AJAX Poll
RSS Reader
Read XML File in PHP
XML Parser
SimpleXML Parser
SimpleXML: Node and Attribute
Expat XML Parser
DOMDocument
Libxml Functions
SimpleXML Functions
XML Parsing Functions
PHP Syntax
PHP isset
PHP echo and print
PHP if else and elseif
PHP switch case
PHP include File
PHP while Loop
PHP for and foreach
PHP mail()
PHP explode()
PHP substr()
PHP str_replace()
PHP array_push
PHP count()