Originally Posted by countrydj
I must admit, I don't really know when to use POST and when to use GET.
Is there a rule of thumb ???.
When the data is passed in a querystring (that is after a ? as part of a web address) then you read it using $_GET.
If the data is being passed from a form that has method="POST" then you read it using $_POST.
Note that in both cases you should validate the content received looks reasonable before moving it to another field for subsequent processing by your code - preferably validation but at least sanitize the data before moving it. That way you keep the tainted fields separated from the untainted ones.
Helping others to solve their computer problem at http://www.felgall.com/