...

View Full Version : $_POST vs $_GET ?



snoodle
07-13-2007, 12:54 AM
I'm confused (what else is new). I have a bunch of PHP files that begin with $q=$_GET["q"]; (for sql add, update, delete, fetch, etc), and a few that begin with $destfile=$_POST['destfile'];. So far, the only need for the POST PHP modules has been for doing AJAX file uploading.

So far I have 2 of these "upload" php modules. The first one uploads pict files, and inside the same php module a new file is created from the original, with new dimensions. That all works fine.

The 2nd upload module uploads a text file that I need to parse and extract data to be inserted into various tables in my database. My intention was to put that code in the same PHP file that is used for the upload. After the upload is done, "ProcessFile" is called to do all the MySQL updating. However, the mysql calls didn't work. I tried creating a new table ("test") and simply inserting some text into the table, but it wouldn't work. I moved the code into one of the other PHP files that started with $_GET instead of $_POST, and the same code worked fine.

So, I got around the problem by... from the javascript/ajax calling code, I wait for the file to be uploaded, then I ajax my way to another php file that uses $_GET and I'm able to do all the mysql'ing just fine.

My question is, is this some kind of weird security issue? What exactly is going on?

Fumigator
07-13-2007, 01:07 AM
My first question would be, what led you to believe the problem is with the method used to submit the script? There could be a thousand different reasons your query didn't work in the upload script that have nothing to do with the fact that the script was submitted via POST.

snoodle
07-13-2007, 01:49 AM
My first question would be, what led you to believe the problem is with the method used to submit the script? There could be a thousand different reasons your query didn't work in the upload script that have nothing to do with the fact that the script was submitted via POST.

Moving the code from the $_POST to the $_GET was an act of desparation after I tried all I could come up with. I agree that it seems to make no sense, and that's why I was asking for help. So far, that is the ONLY difference I see in the working vs the non-working code. I still can't help but think it is one of the other thousand different reasons the query didn't work, but so far I have only found this to make the code work, and since I am still learning this stuff I thought there might be something about POST vs GET that might be doing something behind the scenes - though I can't imagine why, what, or why.

OK, yes, there are other things that are different in the way the modules get called, but that seems even more bizarre as reasons for this behavior.

felgall
07-13-2007, 04:54 AM
Basically the only difference between POST and GET is the way that the information gets passed from one page to the other and the fact that GET assumes that you are retrieving information and not updating anything so that the returned page can be cached for reuse if the same query is made again.

Fumigator
07-13-2007, 07:02 AM
If you want to put the query back in the original script and post the script here we can poke around and maybe find the real problem.

snoodle
07-13-2007, 07:54 AM
thanks - im a bit swamped at the moment but as soon as i get back to it - ill try a few more things and if i hit a brick wall ill definitely post the code. thanks.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum