Introduction
The purpose of this answer is to clarify and put things on the axis.
Regarding data processing to make a request or data transmission secure, the 4 existing responses up to the date of publication of this answer are enough to understand the basics about sanitizing, filtering and validating data, so , let's begin to unravel the subject:
The PHP global variable, $_GET
This global variable is used to retrieve data received by the GET method.
Simple like that, there is not much to say.
Manual: link
Methods of sending HTTP data
This is a subject that has nothing to do with PHP.
HTTP is a protocol used to transfer "hypertext" (Hypertext Transfer Protocol). General information on Wikipedia: link
So the HTTP protocol is one thing and $ _GET is a PHP resource.
A request by the GET method does not necessarily have parameters. An example, when entering the following address in a browser: link , will already be sending a request by the GET method. This is the default method of sending data.
What is safe to send by GET method?
We recommend sending only non-sensitive data . Private information such as passwords, credit card, login, etc. is considered as sensitive data.
The reason for not sending sensitive data by the GET method is that it is visibly easy for anyone to get such data, even offline, because URLs are usually cached on the user's device.
However, even the POST method should not send sensitive data without encryption.
In summary, there is generally no problem sending data by GET or POST or other REST methods .
GET is not to blame
Part of the problem is the sloppy way people pass information, in order to summarize a subject, they end up teaching in an inappropriate way. For example, the question that made does not make the slightest sense. But I believe it is due to a subject that was addressed in the other answers, which is the treatment and validation of the data received.
Validation of data, both by GET and POST, if not done correctly can lead to serious security problems.
Sending the data itself has no problem because this is the HTTP protocol. What will affect the security or correct functioning of the receiving system, ie the responsibility of what will be done with the data received is entirely the system that receives the data. It is also valid to point out that depending on the type of data being received, who sends also has responsibility, see what I mentioned above about sensitive data.
The HTTP protocol itself is just a road through which the data travels.