- GET Data
GET requests are typically used to retrieve data from the server. The data is passed as query parameters in the URL. In PHP, we can use $_GET to access these parameters.
Example of GET Request:
Imagine you have a URL like this: http://example.com/api/users?id=5.
In this case, the id parameter is passed through the URL query string.
How to access the GET parameters in PHP:
// Accessing GET data (e.g., /api/users?id=5)
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
if (isset($_GET['id'])) { // Check if the 'id' parameter exists
$userId = $_GET['id']; // Get the user ID from the query string
// Query the database to fetch user data based on this ID
$stmt = $pdo->prepare("SELECT * FROM users WHERE id = ?");
$stmt->execute([$userId]);
$user = $stmt->fetch(); // Get the user details
echo json_encode($user); // Return the data as a JSON response
} else {
echo json_encode(['error' => 'User ID is required']);
}
}Explanation:
$_GET['id']: Accesses the value of theidquery parameter in the URL (e.g.,id=5).- You can use this approach to fetch data based on any query parameter (e.g., filtering users, pagination).
- POST Data
POST requests are used to send data to the server, usually for creating or updating resources. The data is passed in the request body (not in the URL). There are two common ways to handle POST data:
- Using
$_POSTfor form submissions (data sent viaapplication/x-www-form-urlencodedormultipart/form-data). - Using
file_get_contents('php://input')for JSON payloads (common in modern APIs).
Example 1: Using $_POST (Form Data)
For traditional form submissions, you can use $_POST to capture form data:
// POST request with form data
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$name = $_POST['name']; // Assuming the form has a 'name' field
$email = $_POST['email']; // Assuming the form has an 'email' field
// Insert into database
$stmt = $pdo->prepare("INSERT INTO users (name, email) VALUES (?, ?)");
$stmt->execute([$name, $email]);
echo json_encode(['message' => 'User created successfully']);
}Explanation:
$_POST['name']: Accesses thenamefield sent in the form data.- You can access any form data that is sent using
POST.
Example 2: Using file_get_contents('php://input') for JSON Payloads
When building APIs, JSON is commonly used for POST requests. To access the raw POST data (such as JSON), you can use file_get_contents('php://input').
For instance, suppose you send a POST request with the following JSON body:
{
"name": "John Doe",
"email": "john.doe@example.com"
}How to handle the POST data when sent as JSON:
// POST request with JSON data
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// Get the raw POST data (JSON payload)
$data = json_decode(file_get_contents('php://input'), true); // Decode JSON into an associative array
if (isset($data['name']) && isset($data['email'])) {
$name = $data['name']; // Extract the 'name' from JSON
$email = $data['email']; // Extract the 'email' from JSON
// Insert data into the database
$stmt = $pdo->prepare("INSERT INTO users (name, email) VALUES (?, ?)");
$stmt->execute([$name, $email]);
echo json_encode(['message' => 'User created successfully']);
} else {
echo json_encode(['error' => 'Name and Email are required']);
}
}Explanation:
file_get_contents('php://input'): Reads the raw POST body (in this case, JSON data).json_decode(): Converts the JSON string into a PHP array or object (depending on the second argument).- You can then access the values from the decoded JSON and use them as needed.
Key Points:
- GET data is passed in the URL as query parameters and accessed using
$_GET['param_name']. - POST data can be passed either through form submissions (accessed via
$_POST) or as raw JSON (accessed viafile_get_contents('php://input')). - Always ensure to validate and sanitize incoming data to avoid security issues such as SQL injection, cross-site scripting (XSS), and other vulnerabilities.