home | O'Reilly's CD bookshelfs | FreeBSD | Linux | Cisco | Cisco Exam  

Programming PHPProgramming PHPSearch this book
PreviousNext

7.2. Variables

Server configuration and request information—including form parameters and cookies—are accessible in three different ways from your PHP scripts, as described in this section. Collectively, this information is referred to as EGPCS (environment, GET, POST, cookies, and server).

If the register_globals option in php.ini is enabled, PHP creates a separate global variable for every form parameter, every piece of request information, and every server configuration value. This functionality is convenient but dangerous, as it lets the browser provide initial values for any of the variables in your program. The (negative) effects this can have on your program's security are explained in Chapter 12.

Regardless of the setting of register_globals, PHP creates six global arrays that contain the EGPCS information.

The global arrays are:

$HTTP_COOKIE_VARS
Contains any cookie values passed as part of the request, where the keys of the array are the names of the cookies

$HTTP_GET_VARS
Contains any parameters that are part of a GET request, where the keys of the array are the names of the form parameters

$HTTP_POST_VARS
Contains any parameters that are part of a POST request, where the keys of the array are the names of the form parameters

$HTTP_POST_FILES
Contains information about any uploaded files

$HTTP_SERVER_VARS
Contains useful information about the web server, as described in the next section

$HTTP_ENV_VARS
Contains the values of any environment variables, where the keys of the array are the names of the environment variables

Because names like $HTTP_GET_VARS are long and awkward to use, PHP provides shorter aliases: $_COOKIE, $_GET, $_POST, $_FILES, $_SERVER, and $_ENV. These variables are not only global, but also visible from within function definitions, unlike their longer counterparts. These short variables are the recommended way to access EGPCS values. The $_REQUEST array is also created by PHP if the register_globals option is on; however, there is no corresponding $HTTP_REQUEST_VARS array. The $_REQUEST array contains the elements of the $_GET, $_POST, and $_COOKIE arrays.

PHP also creates a variable called $PHP_SELF, which holds the name of the current script, relative to the document root (e.g., /store/cart.php). This value is also accessible as $_SERVER['PHP_SELF']. This variable is useful when creating self-referencing scripts, as we'll see later.

PreviousHomeNext
7. Web TechniquesBook Index7.3. Server Information
Library Navigation Links

Copyright © 2003 O'Reilly & Associates. All rights reserved.