简短的问题，

1. ?"代表查询的开始 字符串，其中包含要 传递给服务器.在这种情况下 您正在将user = roa3传递给 profile.php页面.你可以得到 通过使用$ _GET ['user'] profile.php. querystring是从客户端代理向服务器发送数据的方法之一.另一个将数据放在HTTP正文中，然后将POST放入服务器，您不会直接从浏览器中看到HTTP POST数据.

1. "?" stands for the start of querying string which contains the data to be passed to the server. in this case you are passing user=roa3 to profile.php page. You can get the data by using $_GET['user'] within profile.php. querystring is one of the methods to send data to the server from client agent. The other one places the data in HTTP body and POST to the server, you don't see the HTTP POST　data directly from browser.

查询字符串可以由用户编辑 并且对公众可见.如果 www.website.com/profile.php?user=roa3 打算公开，然后是 很好，否则您可能要使用 会话以获取当前用户的 上下文.

querystring can be edited by user and it is visible to the public. If www.website.com/profile.php?user=roa3 is intended to be public then it is fine, otherwise you may want to use session to get current user's context.

这是一种将数据传递到的灵活方法 服务器，但它是可见的 对于某些用户来说是可编辑的 敏感数据，至少产生 附加之前的某种哈希 它到查询字符串，这可以防止 用户对其进行编辑或理解 它的含义.但是这个 并不能阻止一个体面的黑客 对你做错事 网站.不同的浏览器支持不同的URL最大长度，冗长的URL由那些querystring参数组成.如果要发送大量数据，请将数据放在HTTP正文中，然后将其POST到服务器.

it is a flexible way to pass data to the server, but it is visible and editable to the users, for some sensitive data, at least produce some kind of hash before attaching it to the querystring, this prevents users to edit it or understanding the meaning of it. However this doesn't prevent a decent hacker to do something wrong about your website. Different browsers support different max length of URL, the lengthy URL is made up by those querystring parameters. If you want to send large amount of data, place the data in the HTTP body and POST to the server.