I have come across scripts that use:
isset($_POST['submit'])
as well as code that uses:
$_SERVER['REQUEST_METHOD']=='POST'
I was wondering the difference between these two and which method is best.
PHP: $_SERVER['REQUEST_METHOD'] $_SERVER['REQUEST_METHOD'] fetches the request method used to access the page. Request methods are 'GET', 'HEAD', 'POST', 'PUT'.
Definition and Usage. The isset() function checks whether a variable is set, which means that it has to be declared and is not NULL. This function returns true if the variable exists and is not NULL, otherwise it returns false.
$_SERVER['REQUEST_METHOD'] is one of the PHP server variables. It determines: Which request method was used to access the page; i.e. 'GET', 'HEAD', 'POST', 'PUT'. It's generally defaulted to GET though, so don't rely on it for determining if a form has been posted or not (eg if not POST then must be GET etc).
The method designates the type of request being made to the web server. The most common types of request methods are GET and POST but there are many others, including HEAD, PUT, DELETE, CONNECT, and OPTIONS. GET and POST are widely supported while support for other methods is sometimes limited but expanding.
isset($_POST['submit'])
If you already know that a particular value will always be sent and therefore is indicative of an expected form submission (the submit
field in this case) this code will tell you two things:
POST
method, as opposed to GET
, PUT
, etc.submit
field has been passed.$_SERVER['REQUEST_METHOD'] == 'POST'
This tells you exactly one thing, a form was submitted via the POST
method. Reasons to use it include:
GET
, PUT
, etc.)The former is
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (!isset($_POST['name'])) {
// at this point you know that `name` was not passed as part of the request
// this could be treated as an error
}
}
Versus:
if (!isset($_POST['name'])) {
// the `name` field was not passed as part of the request
// but it might also be a GET request, in which case a page should be shown
}
Important
Checking for a submit button field in the request is not reliable as a form can be submitted in other ways (such as pressing Enter in a text box).
$_POST
By just using this expression you can assert that:
POST
These mean two different things. The first, checks to see if when the form was submitted the parameter submit
was passed. Many use this snippet to verify that a form has been sent. This works because the submit button is technically an <input>
so it's value is sent along with any other elements that were part of the form.
<?php
if(isset($_POST['submit'])) { // This way form and form logic can be adjacent to each other
// Logic
}
?>
<form method='POST' action='<?= $_SERVER['REQUEST_URI'] ?>'>
<!--- other form stuff -->
<input type="submit" name="submit" value="Send!" />
</form>
The second snippet tests if the form was submitted with the POST method. This doesn't necessarily mean that the form button was pushed. If it wasn't submitted with POST, then the superglobal $_POST
would be empty.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With