Question in the title.
And what happens when all 3 of $_GET[foo], $_POST[foo] and $_COOKIE[foo] exist? Which one of them gets included to $_REQUEST?
Advertisement
Answer
I’d say never.
If I wanted something to be set via the various methods, I’d code for each of them to remind myself that I’d done it that way – otherwise you might end up with things being overwritten without realising.
Shouldn’t it work like this:
$_GET = non destructive actions (sorting, recording actions, queries)
$_POST = destructive actions (deleting, updating)
$_COOKIE = trivial settings (stylesheet preferences etc)
$_SESSION = non trivial settings (username, logged in?, access levels)