PHP Front To Back [Part 11] - Get & Post Tutorial

Traversy Media · Beginner ·🛠️ AI Tools & Apps ·9y ago

Key Takeaways

This video tutorial covers PHP superglobals $_GET and $_POST, form processing, and the htmlentities() function for page security.

Full Transcript

Hey guys, in this video we're going to be talking about GET and POST. So when you submit a form to a server, um, to a PHP page, you can send data using the GET method or the POST method, and there's a couple differences with both of these. So the GET method, you're actually sending the data through the URL, and you don't have to use a form for this. You could just add query strings to your URLs and you can send it that way, um, but doing this is very insecure because you're sending the data right in the URL. All right, now with the POST request, it's safer because it's sent in the HTTP header, and you can use HTTPS to really secure that data, and obviously that's what's used with credit card forms and things like that.

All right, so what I'm going to do here is, uh, let's create a new file in our PHP sandbox, and I'm just going to call this get_post.php. All right, and what I'm going to do is just add in some HTML. Just tab that over. Okay, and we'll just say "My Website". And then I'm going to paste in a form here, just a very simple HTML form. I'm sure you guys have dealt with these. Um, we just have a div here with the label, an input with the type of text. Now this name attribute is very important, because that's the attribute that we can hook on to from the server and get whatever data is submitted. So you want to make sure you have the name. In this case it's name, and then down here we have the name email, and then we have a submit button.

All right, now this form, in order to, um, process it, we have to add two things. Okay, so we have to add... why does it keep doing that? That's really strange. Okay, we got to do a method, and that's where we define GET or POST. We're going to start off with GET. And then an action, which is the page that we're going to submit to. In this case we're going to submit to, uh, this file, which is get_post.php. All right, so we're going to submit to this, but you could submit to any file. Sometimes you'll see, uh, process.php or something like that.

All right, now let's go up here above all the HTML and open up some PHP tags, and what we'll do is, let's say, uh, echo $_GET, and let's say we want to get the name. Okay, now if I save this and we load this up... I can't talk and type. localhost/phpsandbox, and what is it, uh, post_get, or is it get_post? Yeah, get_post.php. Okay, so we get this error because we haven't submitted the form yet, so we haven't sent this data, so it doesn't know what the hell we're talking about with this index name. All right, so what we have to do is check to see if that exists. So if we say if, and if we were to just do this, like, you may think that might work, but if we reload we still get the error. What we have to do is wrap this in a PHP function called isset(), which will check to see if that value is set. So now if we reload, we won't get the error. Okay, and when we submit it, that will be set and it'll echo it out. So let's go ahead and just put in a name here and submit, and you'll see that it'll output that on the screen. Okay, and you can do whatever you want with that data. And obviously if you wanted the email you would just go like that, and then if we do, let's say, brad@gmail.com, and we get the email.

Now when we fill out these values we can also do a print_r(), which we've done before in this series, and that will basically print out the array. So let's just print out $_GET. All right, so if we submit name and email you'll see that we have an array with the, uh, index of name and then the value of Brad, and then the index of email with the value of brad@gmail.com.

Now when you're working with any kind of user data you have security issues, and one of them with, uh, PHP is cross-site scripting attacks, or XSS attacks. And how that works is a hacker will go to your web page that has a form on it and they'll try to insert some, uh, crazy script to mess things up in your application. So let me just give you an example. If we were to just echo out $_GET email like this, actually let's do $_GET name, okay, and we go over here, and let me just clear this out, and someone goes and they put in a script tag like that, and they put some harmful code in here. I'm just going to do an alert(1), uh, but let's say that's some harmful code, and they submit it. Now if we look at our source code with Ctrl+U, look at that, we have a script right in our HTML. Now Chrome actually has some built-in features to prevent this. If we hit F12, and actually on this page we hit F12, you'll see right here, the XSS Auditor refused to execute a script. Okay, so we do have some built-in protection, but that's not always the case.

Okay, now to prevent this from working we can use a function called htmlentities(), and what that does is it basically takes the power out of the HTML tags, out of the opening and closing, uh, brackets. So let me show you. If we were to echo out htmlentities() and wrap that value, and let's save that, and then we'll go back, clear this out, and let's try that again. We'll put in our script alert(1) and submit, and now you'll see that it just outputs on the screen. If we look at the source code, it turns the HTML brackets into these entities that are harmless. They're just printed out on the screen. Okay, so that's a really important function, uh, when it comes to security and PHP, when you're dealing with content that a user can, um, submit to the server. And what you would probably want to do is create a variable for this, such as $name equals, and then set it to that, and then, you know, echo out your variable.

All right, so that's GET. Now if you don't want to send data through the... and have it be visible in the URL like this, then you want to use POST instead of GET. So let's just comment these out here, and instead of, I'm just going to copy this, instead of saying, uh, if $_GET, let's do if $_POST name, and we'll go ahead and uncomment that and change that to $_POST, and then we'll echo out $name. All right, now to make a POST request we need to go ahead and change this method to post. All right, so let's save that, and let's clear all this crap out of the URL, and let's say Brad and submit, and we get Brad. And notice that there's nothing in the URL. That's because the data was sent through the headers, not through the URL, so this is a much more secure way to send data. All right, and then you can take it up a notch and use HTTPS and really encrypt that data. All right, and just like with the GET request, we can print out the $_POST array as well. Okay, so if we go ahead and reload, resubmit the form, you'll see that it prints out that array.

Now there is a third way we can get this data, and that's by using $_REQUEST. So I'm going to copy this and paste that in, and I'm going to change this to $_REQUEST, and change this and this. All right, so let's go echo $name, and I'm just going to, you know, what I'll do is uncomment all of this, and then I'm just going to comment both of these if statements out. Okay, so let's see what happens if we go ahead and reload. Okay, with the form submitted, and we still get this array. This is echoing out the $_REQUEST variable right here, uh, and if we want to get rid of that and just echo out the name, we'll get Brad. All right, now this is going to work whether this value is post or get. Okay, so if we change this to get and reload and submit the form, we still get Brad. All right, let's try and do it this way. Okay, so we get Brad, and you'll see that it's up here because we're still making a GET request, but we're able to retrieve it using this $_REQUEST superglobal. All right, now this isn't used very much. You want to stick with GET and POST, uh, but this is an alternate way of doing it.

Okay, so let me comment that out, and then there's one more superglobal value that I want to show you, and that is, um, with $_SERVER. Now I know we went over $_SERVER, but we didn't go over this, and that's the query string value. So let's say QUERY_STRING, and let's see what that gives us if we go and submit this form. Okay, it gives us the entire string. It gives us the value here, or, I'm sorry, the key, which is name, and then the value, and then the ampersand, and the next key-value pair, um, and so on. Okay, so that's query string. Excuse me, I'm losing my voice.

Um, so that's pretty much it. Oh, one more thing I wanted to mention is that we can send along query strings in the URL itself without using a form. So for instance, uh, let's do a list item, and let's say we want this to go to this file, which is get_post.php, and then let's add a question mark and we'll say name equals Brad. All right, and then let's copy this and we'll put another one, and we'll change this to Steve. Okay, and let's go up here, and I want to uncomment this if statement, and let's just comment that out. So basically when we click this URL we're going to be able to fetch that name like we have been, and we're going to set the $name variable, and then down here let's do something like, um, I'll just use double quotes, and we'll say $name profile. All right, so if we reload you'll see if I click on either one of these... actually we could wrap this in an H1, make it a little more realistic. Okay, so now we can get Brad and Steve's profile, going by the name value in the URL.

All right guys, so that's going to be it for GET and POST, and we'll be working with these quite a bit, uh, as we move through this series. All right, so hopefully you guys are enjoying this series. We still got a lot more to come. I may be only releasing one every couple days or so because I'm really slammed right now, uh, for my courses from Eduonix, um, so try to hang in there, and thanks for watching, and I'll see you next time.

Original Description

In this video we will take a look at the $_GET and $_POST superglobals as well as form processing. We will also look at the htmlentities() function for page security.

CODE: Code for this video
http://www.traversymedia.com/downloads/phpsandbox/phpsandbox9.zip

EDUONIX COURSES: Please use affiliate links from website below
http://www.traversymedia.com/eduonix-courses

SUPPORT: We spend massive amounts of time creating these free videos, please donate to show your support:
http://www.patreon.com/traversymedia
http://www.paypal.me/traversymedia

FOLLOW TRAVERSY MEDIA:
http://www.facebook.com/traversymedia
http://www.twitter.com/traversymedia
http://www.linkedin.com/bradtraversy

This video teaches PHP developers how to use superglobals $_GET and $_POST, process forms, and ensure page security using the htmlentities() function. By the end of this tutorial, developers will be able to build secure web applications and process forms effectively.

Key Takeaways
  1. Download the PHP sandbox code
  2. Create a new PHP file and include the superglobals
  3. Use $_GET to retrieve data from a URL
  4. Use $_POST to retrieve data from a form
  5. Process the form data and display it on the page
  6. Use the htmlentities() function to secure the page against XSS attacks
💡 Using superglobals and the htmlentities() function is crucial for building secure web applications in PHP.
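
The isset() check and htmlentities() escaping from the takeaways above, as an added example (not code from the video or its sandbox download). The helper names e() and param() and the sample inputs are assumptions constructed here; arrays stand in for $_GET so the script runs from the PHP CLI.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not from the video): escape a value for HTML output.
function e(string $value): string
{
    // ENT_QUOTES escapes both " and ', so the result is also safe inside a
    // quoted attribute. Before PHP 8.1 the default flags left ' unescaped.
    // ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning "".
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical helper: fetch one string parameter from a request array.
function param(array $source, string $key): ?string
{
    // Covers the isset() case (missing key) and ?name[]=x, where PHP
    // delivers an array instead of a string.
    $value = $source[$key] ?? null;
    return is_string($value) ? $value : null;
}

// Constructed inputs standing in for $_GET so this runs from the CLI.
$samples = [
    ['name' => 'Brad'],
    ['name' => '<script>alert(1)</script>'],   // the input used in the video
    ['name' => 'Tim "T" O\'Reilly'],           // quotes inside a value
    ['name' => ['nested']],                    // ?name[]=nested
    [],                                        // form not submitted yet
];

foreach ($samples as $get) {
    $name = param($get, 'name');
    if ($name === null) {
        echo "(no usable name parameter)\n\n";
        continue;
    }
    // Raw echo, as first shown in the video: markup in the value reaches the page.
    echo 'unescaped: <h1>' . $name . "'s profile</h1>\n";
    // Escaped for element content and for a double-quoted attribute value.
    echo 'escaped:   <h1>' . e($name) . "'s profile</h1>\n";
    echo '           <input type="text" name="name" value="' . e($name) . "\">\n\n";
}
```

In a page, pass $_GET or $_POST to param() in place of the sample arrays and call e() at the point where the value is written into HTML.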
