Do you remember, when in part 2, we have written this…
<form action="page.php" method="GET"></form>
And I told you
It sound’s a bit enigmatic, but I’ll cover basics it soon.
And then also
[…]That’s how we get data from GET form - inside single quotes we place name of the field. But about it, later in this course […]
High time has come - here is a quick summary of what will we learn today
- HTTP - What is it and how it works
- HTTP methods and HTTP response codes
POST
method more in depthPOST
vsGET
- what are differences- Handling other HTTP methods
- Overview of
$_SERVER
So, let’s not waste time and start learning
HTTP - what is it?
HTTP stands for “Hypertext Transfer Protocol” - It’s basic protocol of web communication and foundation of world wide web.
It functions as a request-response protocol in client-server
model
And a quick explanation
- Request - package of data, that our browser sends (Like we want to visit
wizarddos.github.io
) - Response - package of data sent by server to us. That’s the content that we wanted (requested)
- Client - One, that sends requests (browser, application)
- Server - One, that responds to requests (Web server)
I won’t go into technical depths of how it works - That’s PHP, not networking course
If you are really into it, you can read RFC 9113 - it defines, how it works and explains whole magic behind HTTP protocool
For some clarification - what’s the difference between HTTP and HTTPS?
HTTPS is secure version of HTTP (S in that acronym stands for Secure) - That means, whole connection is encrypted and after intercepting such traffic, attacker has some additional work to do to get the contents (which is not always possible)
Yeah, there was a little bit of offtop, so let’s get into something strictly connected to HTTP
HTTP Response status codes
This part is important - as it might be useful in typical life too
Browsers should know, what happened to their requests - they receive this information through response status codes
They are divided into 5 groups
- 1xx - Informational
- 2xx - Success
- 3xx - Redirection
- 4xx - Client error
- 5xx - Server error
Of course xx
is replaced with some number - you will see it
Every code can be found here, and some of the most common ones are
200 OK
- Success, everything went as it should
301 Moved Permanently
- there was something at that URL, but it was moved. It also provides you with new URL of that asset
403 Forbidden
- We don’t have permissions to access that resource
404 Not Found
- I think you are familiar with this code. It means, that the URL we want to access, does not exist
Here, sometimes servers send 403
instead of 404
- to hide existence of some URL/resource
500 Internal Server Error
- There was some error, and server doesn’t know how to handle it
503 Service Unavailable
- Server can’t handle the request. It can be everything, but mostly it may be either down for maintenance or server is overloaded
On the side, there is a code called 418 I'm a teapot
.
As MDN says
The HTTP
418 I'm a teapot
client error response code indicates that the server refuses to brew coffee because it is, permanently, a teapot.
Yeah it really exists, I’m not kidding. It was created as a reference to April Fools’ joke from 1998 and 2014 - Hyper Text Coffee Pot Control Protocol
And yes, it has it’s own RFC specification
HTTP methods
These are used to indicate desired action for some resource. We call them HTTP verbs There are plenty of them, each has it’s own semantics - I’ll focus on 4 basic ones
GET
- Retrieve data from serverPOST
- Submit something to the server, often causing some changes or side effectsPUT
- It allows to create/update resources on the server, for (example)(It’s frequently disabled)DELETE
- Deletes the specific resource.
In forms, GET
and POST
are used - PUT
and DELETE
can be seen in APIs
With this said, time for quick overview of first 2 methods
POST
method
As I mentioned before - This method indicates, we submit somthing to the server
We access form fields content just like in GET
, but with a little difference - via superglobal $_POST
(Not $_GET
)
$field = $_POST['field'];
It behaves the same way as GET
- go back to parts 3 and 5
Hold on, if we use those methods in the same way - do we need both? Can’t there be only one handled in PHP?
Let’s look at the differences
POST
vs GET
So, let’s start with data visibility
Have you ever seen a URL looking something like this?
http://example.com/page?data=val
The end of this URL (?data=val
) contains our GET
data
So if user visits that page - We can access data
field with
$data = $_GET['data'];
// Or just
echo $_GET['data'];
// Output: val
But if the request used POST
method - URL would look like this
http://example.com/page
As we see, no additional data. But why?
Because POST
data is added only to a request itself, not to the URL
And here, we come to the next part - Usage
GET
should be used, when we want to request data from server ex. finding something using search barPOST
is meant to be utilized, when we need to pass data to the server, for further processing - like login or register
To sum up
GET
- To show user something dynamically
POST
- To send data from user, to be processed by the server
Handling other HTTP methods
While we have $_GET
and $_POST
superglobals for that methods, there aren’t any equivalents for another methods like PUT
or DELETE
We won’t be utilizing them in our projects - yet if you write []REST API](https://www.ibm.com/topics/rest-apis), they can be found there
There is a simple trick to access that data - here for PUT
method (same applies to delete)
$method = $_SERVER['REQUEST_METHOD'];
if ('PUT' === $method) {
parse_str(file_get_contents('php://input'), $_PUT);
var_dump($_PUT);
}
source: Stack Overflow
I will talk about $_SERVER
later, and there are 2 function I’ll explain
-
parse_str()
- It parses string in URL format (first argument), and writes it to array (second argument) -
file_get_contents()
- As the name says, it reads contents of a file, and saves it as a string And inside itphp://input
reads data from request body - that’s called []PHP wrapper](https://www.php.net/manual/en/wrappers.php.php)
$_SERVER
superglobal
Last thing I’d like to mention here is $_SERVER
What is it? It’s a superglobal that contains execution and server information
Unlike $_GET
or $_POST
- we can’t really define it’s values from PHP code
But it allows us to access some pretty interesting data - A few examples:
$_SERVER['PHP_SELF']
- Returns name of currently executed file$_SERVER['SERVER_ADDR']
- IP address of server, executing PHP$_SERVER['REQUEST_METHOD']
- This one contains request method. It was used in code snippet above$_SERVER['REMOTE_ADDR']
- By reading this property we can obtain IP address of user (client)
There are of course much more of them - you can find them all here
Conclusion
I hope you enjoyed that tutorial - Every feedback is appreciated, so comments are for you
Check out other articles in this series (If you hadn’t read them) and rest of my posts - just pick something random
So, see you in next articles