Want to use both GET and POST methods

Question

I know result page that uses GET method can be bookmarked while the one using POST cannot be. I also know about the restrictions of the GET methods.

Now suppose I w

Answer 1

It's also as well to be aware that using GET opens up a temptation among certain sets of users to manipulate the URL to 'see what happens' so it's absolutely necessary to ensure that your code suitably sanitises the input variables.

Of course you were doing that anyway ;-). But with get it pays to be doubly paranoid.

Myself if I'm using GET I'll generally set a cookie too and drop an ID of some sort in it, then cross-correlate that to a variable in the GET list, just to make sure there's absolutely no issues over user A manipulating the input and letting them see anything originating with user B.