visionary Posted May 1, 2012 Share Posted May 1, 2012 I am new to php programming and I am having trouble understanding global variables. I understand that hey differ in from local variables in that they are accessible from all parts of the code,.i.e. functions, classes, etc. But for how long do these variables remain available (for use) to other parts of the code? A. Only available until after all related php pages have been executed/loaded. B. Available for any other php pages subsequently loaded/executed on the same site. Available for the life of the site connection. Thanks for your help Quote Link to comment Share on other sites More sharing options...
requinix Posted May 1, 2012 Share Posted May 1, 2012 I am new to php programming and I am having trouble understanding global variables. I understand that hey differ in from local variables in that they are accessible from all parts of the code,.i.e. functions, classes, etc. Actually no. There are two types of variables: superglobal variables and normal variables. The superglobals are true "global" variables; they are $_POST, $_GET, $_SESSION, and the other similar $_ arrays. They are accessible absolutely everywhere. Note that you cannot define your own superglobals. Everything else is just a normal variable. There are two levels of variable scope: function (inside a function) and file (outside a function). When you define a variable in one it's available to everything else afterwards but only while in the same scope. Variables outside a function are not available inside a function, and vice versa. This also includes nested functions such as closures. There are three exceptions to these rules. 1. Inside a function you can access a variable defined in the file scope with the "global" keyword or the $GLOBALS array (which is a superglobal). This is strongly discouraged. 2. Class functions can access class variables by using $this. Technically this isn't an exception but it looks like one. 3. Closures (aka anonymous functions) can access variables defined immediately outside it with the "use" keyword. Classes could be called a third scope but IMO they aren't. To answer the question, A. Each time PHP starts executing the first file (that is, only the very first file and not any others that may be included) it starts from scratch, creates the few automatically-defined things (like $_POST and $_GET), and runs your code. So even if you defined a variable earlier you can't get it because it was "lost". If PHP were drawing on a whiteboard, it would draw variables and functions and all that and then erase the whole board when it was done. The next time it starts drawing it has a clean slate. Sessions can emulate the B option. It is not actually that: the variables aren't preserved across each script. What PHP does is have a special $_SESSION array and, when the script is done, it (separately) stores everything you put in there. When PHP executes the next file it looks up what it remembered and reconstructs $_SESSION. Quote Link to comment Share on other sites More sharing options...
visionary Posted May 1, 2012 Author Share Posted May 1, 2012 Thank you. I understand much better. I am transitioning from filemaker programming where global variables, once declared, remain accessible as long as filemaker is still running, seconds or hours later - a global variable ($$User) data can be accessed. I see that in php, global variables function differently in that once the page (and its associated include, require...) is loaded it is gone and not available for any other pages that could find it useful on subsequent user page requests. I guess that is probably where the cookies may come in handy... Quote Link to comment Share on other sites More sharing options...
requinix Posted May 1, 2012 Share Posted May 1, 2012 I guess that is probably where the cookies may come in handy... Cookies have a very important drawback: the user can see and edit them. Don't put sensitive information in them because if there's a vulnerability on your site then a malicious user might be able to grab that information from an innocent user. Also don't assume that what you put in there will stay intact because things like user IDs and privilege levels could be changed, and unless you verify that the information is correct then it cannot be trusted. (Just like $_GET and $_POST.) Also keep in mind that you can only have one value for the entire site, so storing form values (for example) means you could only remember the one form at a time. If you're considering using a cookie for something, think harder and about whether it would be better/more appropriate/safer in a session value instead. Under 99% of configurations, session values are stored on the server and thus safe from tampering. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.