a. For Method = GET
When the submit button is pressed, the contents of the form will be assembled into a query URL that looks like this:
("action" here is the URL specified by the ACTION attribute to the FORM tag, or the current document URL if no ACTION attribute was specified.)
Strange characters in any of the "name" or "value" instances will be escaped as usual; this includes "=" and "&". Note: This means that instances of "=" that separate names and values, and instances of "&" that separate name/value pairs, are not escaped.
For text and password entry fields, whatever the user typed in will be the value; if the user didn't type anything, the value will be empty but the "name=" part of the query string will still be present.
For checkboxes and radio buttons, the VALUE attribute specifies the value of a checkbox or radio button when it is checked. An unchecked checkbox is disregarded completely when assembling the query string. Multiple checkboxes can have the same NAME (and different VALUEs), if desired. Multiple radio buttons
intended to have "one of many" behavior should have the same NAME and different VALUEs.
b. For Method = POST
The contents of the form are encoded exactly as with the GET method (above), but rather than appending them to the URL specified by the form's ACTION attribute as a query, the contents are sent in a data block as part of the POST operation. The ACTION attribute (if any) is the URL to which the data block is POSTed.
If you wish to write a prototype fill-out form and test it against a query server that simply shows you what you submitted (with name/value pairs decoded and itemized), you can use the following:
For METHOD="POST", use ACTION="https://foobar.edu/cgi-bin/post-query"
For METHOD="GET", use ACTION="https://foobar.edu/cgi-bin/query"
C source code for the query and post-query programs is distributed with NCSA HTTPd, in the cgi-src directory.
The fill-out form examples listed below use these query servers as their back ends, so you can see them in action and know what to expect with your own forms.
If you use the GET method in your form, you will notice that the example
GET server will choke if too much data (more than a couple hundred bytes)
is submitted at a time -- the server is passing the data to the form-processing
module via a shell command line, and the maximum shell command line length
is being exceeded. This problem does not exist with the POST method and
CGI Environment Variables
In order to pass data about the information request from the server to the script, the server uses command line arguments as well as environment variables. These environment variables are set when the server executes the gateway program.