Warning When Using Superglobal Variables
Hackers often use these to try and inject code etc. When accessing superglobal variables ensure you sanitise them. E.g.
$CameFromPage = htmlentities($_SERVER['HTTP_REFERER']); //htmlentities() converts things like < > " \ etc into HTML strings like < so they become harmless.
Superglobal Variables
Always available in all scopes
$GLOBALS
References all variables available in global scope
$_SERVER
Server and execution environment information
$_GET
HTTP GET variables
$_POST
HTTP POST variables
$_FILES
HTTP File Upload variables
$_REQUEST
HTTP Request variables
$_SESSION
Session variables
$_ENV
Environment variables
$_COOKIE
HTTP Cookies
$php_errormsg
The previous error message
$HTTP_RAW_POST_DATA
Raw POST data
$http_response_header
HTTP response headers
$argc
The number of arguments passed to script
$argv
Array of arguments passed to script
USEFUL?
We benefit hugely from resources on the web so we decided we should try and give back some of our knowledge and resources to the community by opening up many of our company’s internal notes and libraries through mini sites like this. We hope you find the site helpful.
Please feel free to comment if you can add help to this page or point out issues and solutions you have found, but please note that we do not provide support on this site. If you need help with a problem please use one of the many online forums.