Passing information between pages – Dr. Balvinder Taneja

Passing Information Between Pages in PHP

When developing dynamic web applications, it is common to pass information from one page to another. PHP provides multiple ways to transfer data between pages, including GET, POST, sessions, cookies, and hidden form fields. Each method has specific use cases depending on security, performance, and usability requirements.

1. Methods for Passing Information Between Pages

Method	Description	Use Case
GET Method	Sends data via the URL	Passing non-sensitive data like search queries
POST Method	Sends data in the request body	Securely submitting form data
Session Variables	Stores data across multiple pages	User authentication, shopping carts
Cookies	Stores small data on the client-side	User preferences, login details
Hidden Form Fields	Stores data in an HTML form but hides it from the user	Keeping track of user choices

2. Passing Information Using the GET Method

How GET Works

Data is appended to the URL in key-value pairs.
Example: page2.php?name=John&age=25
Maximum URL length: ~2000 characters.
Data is visible in the browser’s address bar.

Example: Sending Data Using GET

Page 1: form.html

<!DOCTYPE html>

<html>

<head>

<title>GET Method Example</title>

</head>

<body>

Name: <input type=”text” name=”name”>

Age: <input type=”text” name=”age”>

</form>

</body>

</html>

Page 2: page2.php

<?php

if(isset($_GET[‘name’]) && isset($_GET[‘age’])) {

$name = htmlspecialchars($_GET[‘name’]);

$age = htmlspecialchars($_GET[‘age’]);

echo “Hello, $name. You are $age years old.”;

} else {

echo “No data received.”;

}

When to Use GET

Use GET when sending non-sensitive data.
Suitable for search queries, filtering, pagination.
Do not use GET for passwords or personal data.

3. Passing Information Using the POST Method

How POST Works

Data is sent in the request body (not visible in the URL).
No character limit.
More secure than GET.

Example: Sending Data Using POST

Page 1: form.html

<!DOCTYPE html>

<html>

<head>

<title>POST Method Example</title>

</head>

<body>

Name: <input type=”text” name=”name”>

Age: <input type=”text” name=”age”>

</form>

</body>

</html>

Page 2: page2.php

<?php

if(isset($_POST[‘name’]) && isset($_POST[‘age’])) {

$name = htmlspecialchars($_POST[‘name’]);

$age = htmlspecialchars($_POST[‘age’]);

echo “Hello, $name. You are $age years old.”;

} else {

echo “No data received.”;

}

When to Use POST

Use POST when sending sensitive or large data (e.g., passwords, file uploads).
Suitable for form submissions, login systems.
Not bookmarkable or cacheable like GET requests.

4. Passing Information Using Session Variables

How Sessions Work

A session stores user data across multiple pages.
Session data is stored on the server.
A unique session ID is assigned to each user.

Example: Using PHP Sessions

Page 1: session_start.php (Set Session)

<?php

session_start();

$_SESSION[‘username’] = “JohnDoe”;

$_SESSION[‘user_role’] = “Admin”;

echo “Session variables are set.”;

Page 2: session_display.php (Retrieve Session Data)

<?php

session_start();

if(isset($_SESSION[‘username’]) && isset($_SESSION[‘user_role’])) {

echo “Welcome, ” . $_SESSION[‘username’] . “. Your role is ” . $_SESSION[‘user_role’] . “.”;

} else {

echo “No session data found.”;

}

Destroying a Session (logout.php)

<?php

session_start();

session_unset();

session_destroy();

echo “Session destroyed.”;

When to Use Sessions

Ideal for user authentication, shopping carts, and dashboards.
More secure than GET and POST.
Data expires after a timeout or when the session is closed.

5. Passing Information Using Cookies

How Cookies Work

A cookie is stored on the client’s browser.
Can persist across browser sessions (e.g., “Remember Me” logins).
Set using setcookie() in PHP.

Example: Using Cookies

Set a Cookie (set_cookie.php)

<?php

setcookie(“username”, “JohnDoe”, time() + (86400 * 7), “/”); // 7-day expiry

echo “Cookie has been set!”;

Retrieve a Cookie (get_cookie.php)

<?php

if(isset($_COOKIE[‘username’])) {

echo “Welcome back, ” . $_COOKIE[‘username’];

} else {

echo “No cookie found.”;

}

Delete a Cookie (delete_cookie.php)

<?php

setcookie(“username”, “”, time() – 3600, “/”); // Expire in the past

echo “Cookie has been deleted.”;

When to Use Cookies

Good for storing user preferences, login details, tracking users.
Data persists even after the browser is closed.
Not secure (can be modified by the user).
Limited storage (~4KB per cookie).

6. Passing Information Using Hidden Form Fields

How Hidden Fields Work

Hidden fields store data inside a form but do not appear to the user.
Used to persist values between form submissions.

Example: Using Hidden Fields

Page 1: form.html

<!DOCTYPE html>

<html>

<head>

<title>Hidden Fields Example</title>

</head>

<body>

Name: <input type=”text” name=”name”>

</form>

</body>

</html>

Page 2: page2.php

<?php

if(isset($_POST[‘name’]) && isset($_POST[‘userid’])) {

echo “User ID: ” . $_POST[‘userid’] . ” | Name: ” . $_POST[‘name’];

}

When to Use Hidden Fields

Used when session or cookie storage is not available.
Less secure than sessions (values are visible in the page source).

7. Conclusion

Each method of passing information between pages in PHP has its use cases:

Method	Best Used For	Security
GET	Passing non-sensitive data in URLs	Low
POST	Secure form submissions	Medium
Sessions	Authentication, user state	High
Cookies	Storing user preferences	Medium
Hidden Fields	Persisting data in forms	Low

For secure applications, sessions are the best choice, while GET and POST are great for form submissions. Cookies are useful for long-term storage but should not store sensitive data.