PHP basics POST and GET
Difference between post and get
Key points:
*. When Post transmits data, it does not need to be displayed in the URL, while the Get method must be displayed in the URL.
*.Post transmits a large amount of data, which can reach 2M, while the Get method can only transfer about 1024 bytes due to the URL length limit.
*.Post, as the name suggests, is to transmit data to the server segment, and Get is for Get data from the server segment. The reason why Get can also transmit data is just to tell the server what kind of data you need. Post information is used as the content of the http request, while Get is transmitted in the Http header.
Detailed description:
1. Get transfers the user's data through URL requests, connects the names of each field in the form and its contents as paired strings, and places them in the URL of the program pointed to by the action attribute. The data will be Displayed directly on the URL, just like the user clicks a link;
The Post method uses the HTTP post mechanism to place the names of each field in the form and its content in the HTML header (header) and transmit it to the server through the action attribute. The program processing referred to will read and process the form data through the standard input (stdin) method
2. The Get method requires the use of Request.QueryString to obtain the value of the variable.
Post method uses Request.Form to access the submitted content.
3. The amount of data transmitted by the Get method is very small, generally limited to about 2 KB, but the execution efficiency is better than the Post method;
The amount of data transmitted by the Post method is relatively large, and it is waiting for the server to read the data. There is also a byte limit, which is to avoid malicious attacks on the server with large amounts of data.
Suggestion: Unless you are sure that the data you submit can be submitted in one go, please try to use the Post method
4. Submitting data through the Get method will cause security issues. It is recommended to use the Post method for form submission; (such as the login page, through Get When submitting data, the username and password appear on the URL. If the page can be cached or others can access the customer's machine, the user's account and password can be obtained from the history record)
The form submitted by the Post method A common problem with pages is that when the page is refreshed, a dialog box will pop up. Suggestion: For security reasons, it is best to use Post to submit data
5. Get limits the value of the data set in the Form form to be ASCII characters; while Post supports the entire ISO10646 character set. 6. Get is the default method of Form.
In the HTTP protocol, there are four verbs indicating operation methods: GET, POST, PUT, and DELETE. They correspond to four basic operations:
GET is used to obtain resources POST is used to create new resources (can also be used to update resources)
PUT is used to update resources
DELETE is used to delete resources.
PHP will automatically escape data obtained through post/get
Depending on the different configurations of the server, when obtaining data through post or get, some special characters such as '," may appear and will be converted Meaning. This problem is mainly caused by PHP magic quotes. PHP magic quotes include
magic_quotes_runtime, magic_quotes_sybase.
magic_quotes_gpc is summarized as follows:
1. For the case of magic_quotes_gpc=on, and output Performmust use addslashes() to process the input data, but there is no need to use stripslashes() to format the outputaddslashes() and stripslashes() operations on the string data of the database, and the data will be displayed normally.
If you perform addslashes() on the input data at this time,
then it must be output. Use stripslashes() to remove excess backslashes
2. For the case of magic_quotes_gpc=off
because addslashes() does not write the backslashes into the database, but just helps mysql complete the execution of the sql statement. About magic_quotes_gpc in php injection. Everyone knows the php configuration file php. .in , if the magic_quotes_gpc configuration is turned on, it means magic_quotes_gpc = on. Everyone who knows php knows.
Then we have to inject the numeric field
<span> 1</span> <?
<span> 2</span><span>if</span> ( <span>isset</span>(<span>$_POST</span>["f_login"<span>] ) ){
</span><span> 3</span><span>//</span><span>连接数据库</span><span> 4</span><span>$t_strUid</span> = <span>$_POST</span>["f_uid"<span>];
</span><span> 5</span><span>$t_strPwd</span> = <span>$_POST</span>["f_pwd"<span>];
</span><span> 6</span><span>$t_strSQL</span> = "SELECT * FROM tbl_users WHERE uid=<span>$t_strUid</span> AND password = '<span>$t_strPwd</span>' LIMIT 0,1"<span>;
</span><span> 7</span><span>if</span> ( <span>$t_hRes</span> = <span>mysql_query</span>(<span>$t_strSQL</span><span>) ){
</span><span> 8</span><span>//</span><span> 成功查询</span><span> 9</span><span> }
</span><span>10</span><span> }
</span><span>11</span> ?>If it is entered correctly:
SELECT * FROM tbltable_users WHERE userid=admin AND password = 'admin' LIMIT 0,1
If the attacker enters: admin OR 1 =1 # at username, the injected sql statement is as follows:
SELECT * FROM table_users WHERE userid=admin OR 1 =1 # AND password = 'admin' LIMIT 0,1
The injection can be done below.
Set the display_errors option to display_errors = off in php.ini This will prevent .
magic_quotes_runtime
如果打开的话,大部份从外部来源取得数据并返回的函数,包括从数据库和文本文件,所返回的数据都会被反斜线转义。该选项可在运行的时改变,在 PHP 中的默认值为 off。
magic_quotes_sybase
如果打开的话,将会使用单引号对单引号进行转义而非反斜线。此选项会完全覆盖 magic_quotes_gpc。如果同时打开两个选项的话,单引号将会被转义成 ”。而双引号、反斜线 和 NULL 字符将不会进行转义。
由于不同服务器的配置不同,需要在代码中用get_magic_quotes_gpc() 检测服务器配置。
<span>1</span><span>if</span>(<span>isset</span>(<span>$_POST</span>['c'<span>])){
</span><span>2</span><span>$s</span> = <span>$_POST</span>['c'<span>];
</span><span>3</span><span>if</span>(<span>get_magic_quotes_gpc</span><span>())
</span><span>4</span><span>$s</span> = <span>stripslashes</span>(<span>$s</span>);<span>//</span><span>stripslashes() 函数删除由 addslashes() 函数添加的反斜杠。
</span><span>5</span><span>//do something</span><span>6</span> }以上就介绍了PHP基础之POST与GET,包括了方面的内容,希望对PHP教程有兴趣的朋友有所帮助。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1664
14
1423
52
1317
25
1268
29
1248
24
Solution: Your organization requires you to change your PIN
Oct 04, 2023 pm 05:45 PM
The message "Your organization has asked you to change your PIN" will appear on the login screen. This happens when the PIN expiration limit is reached on a computer using organization-based account settings, where they have control over personal devices. However, if you set up Windows using a personal account, the error message should ideally not appear. Although this is not always the case. Most users who encounter errors report using their personal accounts. Why does my organization ask me to change my PIN on Windows 11? It's possible that your account is associated with an organization, and your primary approach should be to verify this. Contacting your domain administrator can help! Additionally, misconfigured local policy settings or incorrect registry keys can cause errors. Right now
How to adjust window border settings on Windows 11: Change color and size
Sep 22, 2023 am 11:37 AM
Windows 11 brings fresh and elegant design to the forefront; the modern interface allows you to personalize and change the finest details, such as window borders. In this guide, we'll discuss step-by-step instructions to help you create an environment that reflects your style in the Windows operating system. How to change window border settings? Press + to open the Settings app. WindowsI go to Personalization and click Color Settings. Color Change Window Borders Settings Window 11" Width="643" Height="500" > Find the Show accent color on title bar and window borders option, and toggle the switch next to it. To display accent colors on the Start menu and taskbar To display the theme color on the Start menu and taskbar, turn on Show theme on the Start menu and taskbar
How to change title bar color on Windows 11?
Sep 14, 2023 pm 03:33 PM
By default, the title bar color on Windows 11 depends on the dark/light theme you choose. However, you can change it to any color you want. In this guide, we'll discuss step-by-step instructions for three ways to change it and personalize your desktop experience to make it visually appealing. Is it possible to change the title bar color of active and inactive windows? Yes, you can change the title bar color of active windows using the Settings app, or you can change the title bar color of inactive windows using Registry Editor. To learn these steps, go to the next section. How to change title bar color in Windows 11? 1. Using the Settings app press + to open the settings window. WindowsI go to "Personalization" and then
How to enable or disable taskbar thumbnail previews on Windows 11
Sep 15, 2023 pm 03:57 PM
Taskbar thumbnails can be fun, but they can also be distracting or annoying. Considering how often you hover over this area, you may have inadvertently closed important windows a few times. Another disadvantage is that it uses more system resources, so if you've been looking for a way to be more resource efficient, we'll show you how to disable it. However, if your hardware specs can handle it and you like the preview, you can enable it. How to enable taskbar thumbnail preview in Windows 11? 1. Using the Settings app tap the key and click Settings. Windows click System and select About. Click Advanced system settings. Navigate to the Advanced tab and select Settings under Performance. Select "Visual Effects"
OOBELANGUAGE Error Problems in Windows 11/10 Repair
Jul 16, 2023 pm 03:29 PM
Do you see "A problem occurred" along with the "OOBELANGUAGE" statement on the Windows Installer page? The installation of Windows sometimes stops due to such errors. OOBE means out-of-the-box experience. As the error message indicates, this is an issue related to OOBE language selection. There is nothing to worry about, you can solve this problem with nifty registry editing from the OOBE screen itself. Quick Fix – 1. Click the “Retry” button at the bottom of the OOBE app. This will continue the process without further hiccups. 2. Use the power button to force shut down the system. After the system restarts, OOBE should continue. 3. Disconnect the system from the Internet. Complete all aspects of OOBE in offline mode
Display scaling guide on Windows 11
Sep 19, 2023 pm 06:45 PM
We all have different preferences when it comes to display scaling on Windows 11. Some people like big icons, some like small icons. However, we all agree that having the right scaling is important. Poor font scaling or over-scaling of images can be a real productivity killer when working, so you need to know how to customize it to get the most out of your system's capabilities. Advantages of Custom Zoom: This is a useful feature for people who have difficulty reading text on the screen. It helps you see more on the screen at one time. You can create custom extension profiles that apply only to certain monitors and applications. Can help improve the performance of low-end hardware. It gives you more control over what's on your screen. How to use Windows 11
10 Ways to Adjust Brightness on Windows 11
Dec 18, 2023 pm 02:21 PM
Screen brightness is an integral part of using modern computing devices, especially when you look at the screen for long periods of time. It helps you reduce eye strain, improve legibility, and view content easily and efficiently. However, depending on your settings, it can sometimes be difficult to manage brightness, especially on Windows 11 with the new UI changes. If you're having trouble adjusting brightness, here are all the ways to manage brightness on Windows 11. How to Change Brightness on Windows 11 [10 Ways Explained] Single monitor users can use the following methods to adjust brightness on Windows 11. This includes desktop systems using a single monitor as well as laptops. let's start. Method 1: Use the Action Center The Action Center is accessible
How to Fix Activation Error Code 0xc004f069 in Windows Server
Jul 22, 2023 am 09:49 AM
The activation process on Windows sometimes takes a sudden turn to display an error message containing this error code 0xc004f069. Although the activation process is online, some older systems running Windows Server may experience this issue. Go through these initial checks, and if they don't help you activate your system, jump to the main solution to resolve the issue. Workaround – close the error message and activation window. Then restart the computer. Retry the Windows activation process from scratch again. Fix 1 – Activate from Terminal Activate Windows Server Edition system from cmd terminal. Stage – 1 Check Windows Server Version You have to check which type of W you are using
