Quote:
|
Originally Posted by Lich
Try to use POST and not GET variables so you don't throw things in the URL
|
While I agree in general, in some cases, you might want the user-sibmitted data to be part of the URL, such as for search page results, as this allows the user to cut-and-paste the URL with ease, bookmark the page without the server needing to store a cookie, etc. I'm not saying this to start a debate, but rather to show the OP that there are cases where one method is more appropriate.
Obviously, with data that expires, or is sensitive, you want to use POST, as you suggest. POST is also necessary if the length of the extra data exceeds environment limits.