php help in $_POST and $_GET..please:c?

[Babydanes 0]

I'm currently working on my website's log-in .. i have a database named infodb and a table named accounttbl and fields like FirstName, LastName, Eadd, UserName, Password.

i have this for my login.php
<form action='logging.php' method='POST'>
Username: <input type='text' name='customu'>
Password: <input type='text' name='pass'>
<input type='submit' value='Log in'>

i don't know if i use the right method or it suppose to be GET?

then in logging.php
i'll be selecting the table where UserName='$customu'.

i tried to change my strategies but i can't display those arrays..
how would i do this?

 

[Alfonso E]

both should work, but probably you don't want to pass the password within the url, so use post as method, then on your logging.php use $_POST['customu']. if you want to use just $customu you have to store the post variable into the php variable, like $customu=$_POST['customu'];

 

[Blackcompe]

The difference is that GET appends form data to the URL. That's highly insecure. Go with POST.

 

[Liars never lies]

Technically, you can use either GET or POST, but php has a well-defined usage for each.

GET is used for getting dynamic data from the server. The reason why GET uses the URL to communicate data is so you can copy and paste the URL to pass to other people the GET query.

POST is used to post data to server, which usually the server will process and store. This data is usually irrelevant if you're passing URL around to your friends.

Examples:
Yahoo's Answer's answering textbox uses POST. This is mainly because the answering textbox contains lots of data and URL length is limited. However, the prescribed reason is because you don't want to copy-paste the URL and give it to a friend, and make them accidentally post the same thing as you.

Yahoo Answer's qid (question ID) is passed as GET. This is to allow you to copy-paste the URL and people on the other side of the world would go to the same page.