Superglobals

Introducing the SUPERGLOBALS
After PHP 4.1, the superglobals were introduced as a secure way to handle information, such as form data, cookies, and file uploads. The superglobals replace the old $HTTP_VARS arrays and the native globals that used to (and still, for now, do) exist.

When working with forms in PHP with versions above PHP 4.1, it is important to use the superglobals, rather than the old native globals.

Huh? What does that mean?

If you have a form like the following:

Code:

---

<form name="name" action="page.php" method="post">
    <input type="text" name="age">
    <input type="submit" value="Send">
</form>

---

Then to access the information in page.php, after submitting, you would do this:

PHP Code:

---

echo $_POST['age'];

//NOTE: This is the old way to do it. It is wrong:
echo $age; 


---

But why?

In PHP 4.1, the register_globals option is shut off by default, making the old variables (such as $age in our example above) unavailable. While some servers have it enabled, it is STILL recommended that you do not use it, and stick with the superglobals.

The superglobals were implemented for security reasons and more information about these reasons can be found on this site.

What are the other superglobals?
These are the current (as of 10/14/03) list of superglobals:

• $_POST[] - Information sent via form as post
• $_GET[] - Information sent via form as get (default)
• $_COOKIE[] - Stores cookie information set by the setcookie() function
• $_REQUEST[] - Stores POST, GET, and COOKIE information. It is not recommended to use this UNLESS you have to (ie, the information may be coming as GET or POST)
• $_SERVER[] - Variables set by the server or those directly related to the script execution
• $_ENV[] - Variable given to the script via environment