Is there a way to use GET and POST together?

Question

I need to pass some data with these 2 methods together ( GET AND POST ). I write this method, but I don't know if it is safe:

<form method="post" action="profile.php?id=<?php echo $_SESSION['id']; ?>" enctype="multipart/form-data">
<input type="text" size="40" name="title" >
<textarea name="description" rows="2" cols="30"></textarea>
<input id="starit" name="submit" value="Create" type="submit" />
</form>

<?php 
a= $_GET['id'];
b= $_POST['title'];
c= $_POST['description'];
?>

Is this code safe ? Or there are other ways to do that ?

Answer 1

don't write method attribute in your form condition and add formmethod=" " attribute in input... for example:

<input type="submit" formmethod="get"  name="inputGet" value="updateGet" >
<input type="submit" formmethod="post" name="inputPost" value="updatePost" >

Answer 2

This is not a combined GET and POST request; rather, it's a POST request with query parameters.

What you have written would be the right way. Always make sure that you get the expected fields:

if (isset($_GET['id'], $_POST['title'], $_POST['description']) {
  // go ahead
}

Btw, make sure that you escape your output:

<form method="post" action="profile.php?id=<?php echo rawurlencode($_SESSION['id']); ?>">

And if you're not uploading files, you don't need to set the enctype of your <form>.

Answer 3

you can use both and get with REQUEST instead of GET or POST, with the same name of params it will get the "request-order" order GET and then POST by default.

http://php.net/request-order

it is in php.ini

Answer 4

This is better :

<form method="post" action="profile.php?id=<?php echo urlencode($_SESSION['id'])); ?>">