Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:58042 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 67219 invoked from network); 24 Feb 2012 22:40:41 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 24 Feb 2012 22:40:41 -0000 Authentication-Results: pb1.pair.com smtp.mail=larry@garfieldtech.com; spf=permerror; sender-id=unknown Authentication-Results: pb1.pair.com header.from=larry@garfieldtech.com; sender-id=unknown Received-SPF: error (pb1.pair.com: domain garfieldtech.com from 66.111.4.29 cause and error) X-PHP-List-Original-Sender: larry@garfieldtech.com X-Host-Fingerprint: 66.111.4.29 out5-smtp.messagingengine.com Received: from [66.111.4.29] ([66.111.4.29:55903] helo=out5-smtp.messagingengine.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 2B/11-17132-9E1184F4 for ; Fri, 24 Feb 2012 17:40:41 -0500 Received: from compute2.internal (compute2.nyi.mail.srv.osa [10.202.2.42]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id E128920D68 for ; Fri, 24 Feb 2012 17:40:38 -0500 (EST) Received: from frontend1.nyi.mail.srv.osa ([10.202.2.160]) by compute2.internal (MEProxy); Fri, 24 Feb 2012 17:40:38 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:date:from:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; s=smtpout; bh=YEIT/Niw6n5bleEZCKuMTm XJxrA=; b=DaAqbEuk7ZDrPIJGMRXicyFJo8c6Cw/TNOeDnr2bZy+1uQN37uc2IH EbZ8Zt/g2oKn+/FQHlRhWWKq7RPJxfSuvkoJa9AE5RhDhhIa+T7ylQapLXt9Gh1w 6DdW63NvklhPNH7vqXDp42NHM2YUfZDkc2yTNMPyqYTD/XRIrzw5U= X-Sasl-enc: fBs15VNmoEupGs6NLJQv3bb2y5Dc5jLU6SJh3zdyRFU9 1330123238 Received: from garfield.ad.palantir.net (unknown [209.41.114.202]) by mail.messagingengine.com (Postfix) with ESMTPSA id AE2058E01C8 for ; Fri, 24 Feb 2012 17:40:38 -0500 (EST) Message-ID: <4F4811E6.4050201@garfieldtech.com> Date: Fri, 24 Feb 2012 16:40:38 -0600 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20120216 Thunderbird/10.0.2 MIME-Version: 1.0 To: internals@lists.php.net References: <8D8E9A0839FE464FBBDF2B499DAFA596@gmail.com> <88ad33db205558862288b3114ef4c391.squirrel@www.l-i-e.com> <4F480C5B.30606@garfieldtech.com> <96462fbc4e243e75b11b455624ac4140.squirrel@www.l-i-e.com> In-Reply-To: <96462fbc4e243e75b11b455624ac4140.squirrel@www.l-i-e.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] $_PARAMETERS Super Global Object From: larry@garfieldtech.com (Larry Garfield) On 2/24/12 4:34 PM, Richard Lynch wrote: > On Fri, February 24, 2012 4:16 pm, Larry Garfield wrote: >> On 2/24/12 3:28 PM, Richard Lynch wrote: >> Because GET and POST are not even remotely the same thing and treating >> them as completely interchangeable is a bug in the first place. > > We'll have to agree to disagree here. > > To me, it's just a request for some content, and in a REST API that's > read-only, I just don't care if the consumer sends their request as > GET or POST. I'll cheerfully give them what they wanted. Except that per HTTP, GET and POST are completely different operations. One is idempotent and cacheable, the other is not idempotent and not cacheable. I very much care which someone is using. As Will said in the other reply, there's security implications. (I don't know who suggested that POST is more secure than GET. I certainly didn't.) You want your login form operating over POST, not GET, in large part for the reasons above. --Larry Garfield