Overview
KB
Learn PHP
PHP techniques
PHP basics
PHP Tutorial
PHP History
Command Line PHP
PHP Syntax
PHP Variables
PHP Superglobals
PHP Strings

PHP Superglobals

PHP Superglobals The PHP Superglobals are a handful of arrays that provide to a PHP script global access to data originating externally. Whereas PHP scripts contain variables that are local to that script and functions may have variables that are only accessible within that function, the PHP Superglobals represent data coming from URLs, HTML forms, cookies, sessions, and the Web server itself. $HTTP_GET_VARS, $HTTP_POST_VARS, etc., served these same purposes but the PHP superglobal variables are better in that they can also be accessed within any functions (i.e., they have global scope).
NuSphere's PhpEd's superglobals display
Introduced in PHP 4.1, the Superglobals are:
  • $_GET The $_GET Superglobal represents data sent to the PHP script in a URL. This applies both to directly accessed URLs (e.g., http://www.example.com/page.php?id=2) and form submissions that use the GET method.
  • $_POST The $_POST Superglobal represents data sent to the PHP script via HTTP POST. This is normally a form with a method of POST.
  • $_COOKIE The $_COOKIE Superglobal represents data available to a PHP script via HTTP cookies.
  • $_REQUEST The $_REQUEST Superglobal is a combination of $_GET, $_POST, and $_COOKIE.
  • $_SESSION The $_SESSION Superglobal represents data available to a PHP script that has previously been stored in a session.
  • $_SERVER The $_SERVER Superglobal represents data available to a PHP script from the Web server itself. Common uses of $_SERVER is to refer to the current PHP script ($_SERVER['PHP_SELF']), the path on the server to that script, the host name, and so on. (The image at right shows some sample $_SERVER values, which can be easily viewed in NuSphere's PhpED's Globals pane.)
  • $_ENV The $_ENV Superglobal represents data available to a PHP script from the environment in which PHP is running.
  • $_FILES The $_FILES Superglobal represents data available to a PHP script from HTTP POST file uploads. Using $_FILES is the currently preferred way to handle uploaded files in PHP.
Another PHP Superglobal, called $GLOBALS, stores every variable with global scope, which includes the above. Unlike the other Superglobals, $GLOBALS has been around since PHP 3.

Security Considerations

One key aspect of Web application security is referring to variables with precision, which is why relying upon register_globals is bad. For the same reason, one should not use $_REQUEST as it is less exact, and therefore less secure, than explicitly referring to $_GET, $_POST, or $_COOKIE. Furthermore, the order in which the GET, POST, and COOKIE data is loaded into the $_REQUEST array is dictated by PHP's variables_orders configuration, so the same reference to $_REQUEST in a PHP script could behave differently on different servers.

Article continues:  next page>>

 Download NuSphere PHP IDE

Download a free trial of the fast PHP EDitor and robust Integrated Development Environment for PHP.

 Buy NuSphere PhpED® now

Best PHP Editor and complete PHP IDE.
NuSphere PhpED 12.0 is available from our online store front.

 Special Team4 Offer

Get 4 copies of PhpED for the price of 3!

Optimum solution for development teams.
PhpED 12.0 Team4
Need more than 4 licenses? Contact Us for more quantity discounts, please use "Ordering/Payment issue" subject on the form.
"To be honest its bloody awesome, I have looked at loads of PHP editors and this is THE only one that actual works straight out of the box!!! Brilliant, well done."
Andrew Breward,
Director of Technology
caboodal.com