Understanding Superglobal Variable in PHP: A Comprehensive Guide

PHP is a powerful scripting language, and one of its most helpful features is superglobals. These are built-in variables that can be accessed from anywhere in your code, without the need to pass them around. Superglobals make it easier to handle data, especially in web development. In this guide, we will break down everything you need to know about PHP superglobals, explaining each one in detail with simple examples. Let’s dive in!

*This article was originally published at DevSolx. Read it for an in-depth understanding of PHP superglobals.
*

What Are PHP Superglobals?

Superglobals are special PHP variables that are always accessible, regardless of the scope. You don’t need to declare them or pass them to functions. These variables are automatically available and make handling data, such as user input or server information, much easier.

Think of superglobals as magic boxes that hold important information. Each box has a specific purpose, like storing form data, session details, or information about the server. By understanding what each box does, you can unlock powerful ways to build your PHP applications.

List of PHP Superglobals

• $_GET
• $_POST
• $_REQUEST
• $_SESSION
• $_COOKIE
• $_FILES
• $_SERVER
• $_GLOBALS

Let’s explore each one step by step.

1. $_GET: Retrieving Data from URLs

The $_GET superglobal is used to collect data sent through the URL. For example, when you visit a URL like example.com?name=John, the data name=John is passed to your PHP script through $_GET.

Example:

if (isset($_GET['name'])) {
    $name = $_GET['name'];
    echo "Hello, $name!";
} else {
    echo "Name is not provided!";
}
?>

How It Works:

• When a user visits example.com?name=John, the script above will display: Hello, John!.
• If no name is provided, it will show: Name is not provided!.

Real-Life Use Case: Imagine you are running an online store. You can use $_GET to show product details when a user clicks on a product link, such as product.php?id=101.

Important Note: Never trust user input directly. Always sanitize data from $_GET to avoid security risks like SQL injection.

2. $_POST: Collecting Form Data

The $_POST superglobal is used to handle data sent from HTML forms using the POST method. This is commonly used for sensitive data like passwords or personal information.

Example:

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $username = htmlspecialchars($_POST['username']);
    echo "Welcome, $username!";
}
?>

How It Works:

• A user submits an HTML form with a field named username.
• The PHP script retrieves the input using $_POST and processes it.

Why Use $_POST? Unlike $_GET, the data sent through $_POST is not visible in the URL. This makes it more secure for transmitting sensitive information.

3. $_REQUEST: Combining GET and POST Data

The $_REQUEST superglobal is a combination of $_GET, $_POST, and $_COOKIE. It collects data from all three sources.

Example:

if (isset($_REQUEST['data'])) {
    $data = $_REQUEST['data'];
    echo "You entered: $data";
} else {
    echo "No data received.";
}
?>

Important Note: While $_REQUEST is convenient, it can make your code less secure. Always know where your data is coming from and prefer $_GET or $_POST for better control.

4. $_SESSION: Storing User Data

The $_SESSION superglobal is used to store data across multiple pages. Sessions are stored on the server, and they last until the browser is closed (by default) or the session is manually destroyed.

Example:

session_start(); // Start the session
$_SESSION['user'] = "John";
echo "Session data saved!";
?>

In another file:

session_start(); // Resume the session
if (isset($_SESSION['user'])) {
    echo "Welcome back, {$_SESSION['user']}!";
} else {
    echo "No session found.";
}
?>

Real-Life Use Case: Sessions are commonly used to maintain login states for users. For example, once a user logs in, you can store their username in a session to greet them on every page.

5. $_COOKIE: Remembering Data Across Visits

Cookies are small pieces of data stored on the user's browser. The $_COOKIE superglobal allows you to retrieve this data in PHP.

Example:

setcookie("user", "John", time() + (86400 * 7), "/"); // Expires in 7 days
echo "Cookie set!";
?>

To retrieve the cookie:

if (isset($_COOKIE['user'])) {
    echo "Welcome back, {$_COOKIE['user']}!";
} else {
    echo "No cookie found.";
}
?>

Difference Between $_SESSION and $_COOKIE:

• Sessions store data on the server.
• Cookies store data on the user’s browser.

Tip: Always use cookies for non-sensitive data like user preferences.

6. $_FILES: Handling File Uploads

The $_FILES superglobal is used to upload files from an HTML form.

Example:

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $fileName = $_FILES['uploaded_file']['name'];
    $tempName = $_FILES['uploaded_file']['tmp_name'];
    if (move_uploaded_file($tempName, "uploads/" . $fileName)) {
        echo "File uploaded successfully!";
    } else {
        echo "File upload failed.";
    }
}
?>

Real-Life Use Case: Use $_FILES to allow users to upload profile pictures, documents, or other files.

7. $_SERVER: Getting Server Information

The $_SERVER superglobal contains information about the server and the current request.

Example:

echo "Your IP Address: {$_SERVER['REMOTE_ADDR']}";
echo "Server Name: {$_SERVER['SERVER_NAME']}";
?>

Other Useful Keys:

• $_SERVER['HTTP_USER_AGENT']: Shows the user’s browser details.
• $_SERVER['REQUEST_METHOD']: Shows the HTTP method (GET or POST).

8. $_GLOBALS: Accessing Global Variables

The $_GLOBALS superglobal allows you to access global variables from anywhere in your script.

Example:

$greeting = "Hello, World!";
function displayGreeting() {
    echo $_GLOBALS['greeting'];
}
displayGreeting();
?>

Tip: While $_GLOBALS can be helpful, it’s best to avoid overusing it to keep your code clean and maintainable.