I'm creating a custom admin page that will enable the client to navigate the content list and edit/delete/add items to and from database(myPhpAdmin) in PHP and I was wondering about the correct way to do it.
For the front-end part (non-admin pages) I used links to store variables in URL and then retrieve it using the $_GET superglobal, example: http://localhost/myWebsite/pages/products.php?***main_id=1***.
<?php
if(isset($_GET['main_id'])) {
$mainID = $_GET['main_id'];
getSubGroupsWithMainID($mainID);
}
?>
Now, I'm not really sure that should be visible in the admin section (or should it?), so my idea was to use the $_POST superglobal in a similar manner to retrieve the necessary query parameters. My only concern is that links or <a> tags can't really send the data into the $_POST.
I hope I was clear enough with the explanation of the problem.
Any help is much appreciated.
Thanks
This seems like a very general question (almost opinion-based), but if I understand you correctly, this is my advice:
If loading a script that is READing from the database, use $_GET.
If you want to incorporate permissions with regard to certain pages, you can associate your users' privileges with the page ids.
If loading a script that runs a CREATE/UPDATE/DELETE query, use $_POST.
p.s. There is no benefit in declaring $mainID. Just write getSubGroupsWithMainID($_GET['main_id']); inside of the if block.