Your CGI's, using Mel's service program,
are not sensitive to the GET or POST method,
but the remote browser is.
The GET method.
The query string (the string starting by ?
and containing the request parameters) is visible
in the browser command line.
This is useful for testing purposes,
because you can easily detect some flaw in the string.
But it is dangerous once you release your CGIs,
because the user may try to alter some parameters
in your request.
The POST method.
There is no way the user may see the query string,
therefore the query string is more protected against
Another interesting control mastered by the browser
when you use the POST method, is the protection against a
back page which is not in the cache:
a dialog box would appear asking
whether you want to re-post your previous request.
An educated user, who previously submitted an order,
would understand that doing this would re-enter the same
order a second time, and would not go back page.
If you used instead the GET method, no such dialog box
would appear for a
back page which is not in the cache.
my suggestion is:
-in your forms, use the GET method to perform
-but, before releasing your htmls, substitute the
GET with the POST method.