📢 This article was originally published on DevSolx - Understanding PHP Superglobals. You can read it for free.
PHP is a powerful scripting language, and one of its most helpful features is superglobals. These built-in variables can be accessed from anywhere in your code, without needing to pass them explicitly. They make handling data easier, especially in web development.
In this guide, we'll break down PHP superglobals, explain their use cases, and provide simple examples for each.
What Are PHP Superglobals?
Superglobals are special PHP variables that are always accessible, regardless of scope. You don’t need to declare them or pass them to functions—they are automatically available, making it easier to work with user input, server details, and more.
Think of superglobals as "predefined global variables" that PHP provides to simplify data handling.
List of PHP Superglobals
$_GET$_POST$_REQUEST$_SESSION$_COOKIE$_FILES$_SERVER$GLOBALS$_ENV
Let's explore each one in detail.
1. $_GET: Retrieving Data from URLs
The $_GET superglobal collects data sent via query parameters in a URL.
Example:
<?php
if (isset($_GET['name'])) {
$name = $_GET['name'];
echo "Hello, $name!";
} else {
echo "Name is not provided!";
}
?>
How It Works:
When a user visits
example.com?name=John, the script displays: Hello, John!If no name is provided, it shows: Name is not provided!
🚀 Use Case: Dynamic pages like product details (product.php?id=101).
âš Security Tip: Always sanitize $_GET data to prevent SQL injection.
2. $_POST: Handling Form Submissions
The $_POST superglobal handles form data sent via the POST method.
Example:
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$username = htmlspecialchars($_POST['username']);
echo "Welcome, $username!";
}
?>
✅ Why Use $_POST?
Data isn't visible in the URL.
More secure than
$_GETfor sensitive information.
3. $_REQUEST: Merging GET, POST, and COOKIE Data
The $_REQUEST superglobal combines $_GET, $_POST, and $_COOKIE data.
Example:
<?php
if (isset($_REQUEST['data'])) {
echo "You entered: " . $_REQUEST['data'];
} else {
echo "No data received.";
}
?>
âš Security Note: Using $_REQUEST can be risky since it merges data sources. Prefer $_GET or $_POST for better control.
4. $_SESSION: Storing User Data
The $_SESSION superglobal allows data storage across multiple pages.
Example:
<?php
session_start(); // Start session
$_SESSION['user'] = "John";
echo "Session data saved!";
?>
💡 Use Case: Keeping users logged in across pages.
5. $_COOKIE: Storing Data in the Browser
Cookies allow data storage on the user's browser.
Example:
<?php
setcookie("user", "John", time() + (86400 * 7), "/"); // 7-day expiry
echo "Cookie set!";
?>
✅ Difference Between Sessions and Cookies:
Sessions store data on the server.
Cookies store data in the browser.
6. $_FILES: Handling File Uploads
The $_FILES superglobal is used for file uploads.
Example:
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$fileName = $_FILES['uploaded_file']['name'];
$tempName = $_FILES['uploaded_file']['tmp_name'];
if (move_uploaded_file($tempName, "uploads/" . $fileName)) {
echo "File uploaded successfully!";
} else {
echo "File upload failed.";
}
}
?>
🚀 Use Case: Profile picture uploads.
7. $_SERVER: Retrieving Server Information
The $_SERVER superglobal provides details about the server and request.
Example:
<?php
echo "Your IP Address: {$_SERVER['REMOTE_ADDR']}";
echo "Server Name: {$_SERVER['SERVER_NAME']}";
?>
🔹 Common Keys:
$_SERVER['HTTP_USER_AGENT']: Browser details.$_SERVER['REQUEST_METHOD']: HTTP method (GET/POST).
8. $GLOBALS: Accessing Global Variables
The $GLOBALS superglobal provides access to global variables.
Example:
<?php
$greeting = "Hello, World!";
function displayGreeting() {
echo $GLOBALS['greeting'];
}
displayGreeting();
?>
âš Best Practice: Avoid overusing $GLOBALS to maintain clean code.
9. $_ENV: Accessing Environment Variables
The $_ENV superglobal retrieves environment variables.
Example:
<?php
echo "Server Path: " . $_ENV['PATH'];
?>
✅ Use Case: Storing API keys and database credentials.
âš Note: Many modern servers disable $_ENV for security reasons. Use getenv() instead.
Wrapping It Up
PHP superglobals simplify data handling by providing predefined global variables for common tasks like form submissions, session management, and file uploads. Understanding and using them effectively can make your PHP applications more efficient and secure.
Which PHP superglobal do you use the most? Let me know in the comments! 🚀