When a GET hits your server, your RESTful webapp should not alter the database. Why not enforce this at the permissions level?
GET should only be able to SELECT rows, and POST should be able to SELECT, UPDATE, and INSERT. (DELETE is up to your discretion. I prefer to flag rows for deletion and periodically run a script to archive or remove these rows.) Now, I'm sure you intend to follow this rule in your own webapp, but security isn't about intention. Let's make it impossible for a request to violate this rule!
$db_login = array( 'GET' => array('webapp-view', 'pw-for-modifying'), 'POST' => array('webapp-mod', 'pw-for-editing') ); list($db_username, $db_auth) = $db_login[strtoupper($_SERVER['REQUEST_METHOD'])];
You might prefer to implement this using a switch-case block or some other technique, especially if you also allow HEAD, TRACE, DELETE, or PUT. But no matter how you implement it, laziness is no reason not to be using this in your webapp! It's just too easy.