Questions And Answers

More Tutorials

PHP Superglobal Variables

Superglobals are built-in variables that are always available in all scopes. Several predefined variables in PHP are "superglobals", which means they are available in all scopes throughout a script. There is no need to do global $variable; to access them within functions or methods.

What's a superglobal??

If you're thinking that these are like superheroes - they're not. As of PHP version 7.1.3 there are 9 superglobal variables. They are as follows:

  • $GLOBALS - References all variables available in global scope
  • $_SERVER - Server and execution environment information
  • $_GET - HTTP GET variables
  • $_POST - HTTP POST variables
  • $_FILES - HTTP File Upload variables
  • $_COOKIE - HTTP Cookies
  • $_SESSION - Session variables
  • $_REQUEST - HTTP Request variables
  • $_ENV - Environment variables


    An associative array containing references to all variables which are currently defined in the global scope of the script. The variable names are the keys of the array.

    $myGlobal = "global"; // declare variable outside of scope
    function test()
     $myLocal = "local"; // declare variable inside of scope
     // both variables are printed
    test(); // run function
    // only $myGlobal is printed since $myLocal is not globally scoped


    string 'local' (length=5)
    string 'global' (length=6)
    string 'global' (length=6)

    In the above example $myLocal is not displayed the second time because it is declared inside the test() function and then destroyed after the function is closed.


    $_SERVER is an array containing information such as headers, paths, and script locations. The entries in this array are created by the web server. There is no guarantee that every web server will provide any of these; servers may omit some, or provide others not listed here. That said, a large number of these

    array (size=36)
     'HTTP_HOST' => string 'localhost' (length=9)
     'HTTP_CONNECTION' => string 'keep-alive' (length=10)
     'HTTP_CACHE_CONTROL' => string 'max-age=0' (length=9)
     'HTTP_UPGRADE_INSECURE_REQUESTS' => string '1' (length=1)
     'HTTP_USER_AGENT' => string 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML,
    like Gecko) Chrome/57.0.2987.133 Safari/537.36' (length=110)
     'HTTP_ACCEPT' => string
    'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' (length=74)
     'HTTP_ACCEPT_ENCODING' => string 'gzip, deflate, sdch, br' (length=23)
     'HTTP_ACCEPT_LANGUAGE' => string 'en-US,en;q=0.8,en-GB;q=0.6' (length=26)
     'HTTP_COOKIE' => string 'PHPSESSID=0gslnvgsci371ete9hg7k9ivc6' (length=36)
     'PATH' => string 'C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files
    (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS
    ;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;E:\Program Files\ATI Technologies\ATI.ACE\CoreStatic;E:\Program Files\AMD\ATI.ACE\Core-Static;C:\Program Files (x86)\AMD\ATI.ACE\CoreStatic;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Intel(R)
    Managemen'... (length=1169)
     'SystemRoot' => string 'C:\WINDOWS' (length=10)
     'COMSPEC' => string 'C:\WINDOWS\system32\cmd.exe' (length=27)
     'PATHEXT' => string '.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.PY' (length=57)
     'WINDIR' => string 'C:\WINDOWS' (length=10)
     'SERVER_SIGNATURE' => string '<address>Apache/2.4.23 (Win64) PHP/7.0.10 Server at localhost
    Port 80</address>' (length=80)
     'SERVER_SOFTWARE' => string 'Apache/2.4.23 (Win64) PHP/7.0.10' (length=32)
     'SERVER_NAME' => string 'localhost' (length=9)
     'SERVER_ADDR' => string '::1' (length=3)
     'SERVER_PORT' => string '80' (length=2)
     'REMOTE_ADDR' => string '::1' (length=3)
     'DOCUMENT_ROOT' => string 'C:/wamp64/www' (length=13)
     'REQUEST_SCHEME' => string 'http' (length=4)
     'CONTEXT_PREFIX' => string '' (length=0)
     'CONTEXT_DOCUMENT_ROOT' => string 'C:/wamp64/www' (length=13)
     'SERVER_ADMIN' => string 'wampserver@wampserver.invalid' (length=29)
     'SCRIPT_FILENAME' => string 'C:/wamp64/www/test.php' (length=26)
     'REMOTE_PORT' => string '5359' (length=4)
     'GATEWAY_INTERFACE' => string 'CGI/1.1' (length=7)
     'SERVER_PROTOCOL' => string 'HTTP/1.1' (length=8)
     'REQUEST_METHOD' => string 'GET' (length=3)
     'QUERY_STRING' => string '' (length=0)
     'REQUEST_URI' => string '/test.php' (length=13)
     'SCRIPT_NAME' => string '/test.php' (length=13)
     'PHP_SELF' => string '/test.php' (length=13)
     'REQUEST_TIME_FLOAT' => float 1491068771.413
     'REQUEST_TIME' => int 1491068771


    An associative array of variables passed to the current script via the URL parameters.

    // URL =
    echo $_GET["myVar"] == "myVal" ? "true" : "false"; // returns "true"

    The above example makes use of the ternary operator. This shows how you can access the value from the URL using the $_GET superglobal. Now another example! gasp

    // URL =
    echo $_GET["myVar"]; // returns "myVal"
    echo $_GET["myVar2"]; // returns "myVal2"

    It is possible to send multiple variables through the URL by separating them with an ampersand (&) character


    An associative array of variables passed to the current script via the HTTP POST method when using
    application/x-www-form-urlencoded or multipart/form-data as the HTTP Content-Type in the request.

    Very similar to $_GET in that data is sent from one place to another. I'll start by going straight into an example. (I have omitted the action attribute as this will send the information to the page that the form is in).

    <form method="POST">
     <input type="text" name="myVar" value="myVal" />
     <input type="submit" name="submit" value="Submit" />

    Above is a basic form for which data can be sent. In an real environment the value attribute would not be set
    meaning the form would be blank. This would then send whatever information is entered by the user.

    echo $_POST["myVar"]);




    An associative array of items uploaded to the current script via the HTTP POST method. The structure of this array is outlined in the POST method uploads section.

    <form method="POST" enctype="multipart/form-data">
     <input type="file" name="myVar" />
     <input type="submit" name="Submit" />

    Note that I omitted the action attribute (again!). Also, I added enctype="multipart/form-data", this is important to any form that will be dealing with file uploads.

    // ensure there isn't an error
    if ($_FILES["myVar"]["error"] == UPLOAD_ERR_OK)
     $folderLocation = "myFiles"; // a relative path. (could be "path/to/file" for example)
     // if the folder doesn't exist then make it
     if (!file_exists($folderLocation)) mkdir($folderLocation);
     // move the file into the folder
     move_uploaded_file($_FILES["myVar"]["tmp_name"], "$folderLocation/" .

    This is used to upload one file. Sometimes you may wish to upload more than one file. An attribute exists for that, it's called multiple.

    There's an attribute for just about anything. I'm sorry

    Below is an example of a form submitting multiple files.

    <form method="POST" enctype="multipart/form-data">
     <input type="file" name="myVar[]" multiple="multiple" />
     <input type="submit" name="Submit" />

    This is a very simple example and doesn't handle problems such as file extensions that aren't allowed or files named with PHP code (like a PHP equivalent of an SQL injection). See the documentation.
    The first process is checking if there are any files, and if so, set the total number of them to $total.
    Using the for loop allows an iteration of the $_FILES array and accessing each item one at a time. If that file doesn't encounter a problem then the if statement is true and the code from the single file upload is run.
    If an problem is encountered the switch block is executed and an error is presented in accordance with the error for that particular upload.


    An associative array of variables passed to the current script via HTTP Cookies. Cookies are variables that contain data and are stored on the client's computer. Unlike the aforementioned superglobals, cookies must be created with a function (and not be assigning a value). The convention is below.

    setcookie("myVar", "myVal", time() + 3600);

    In this example a name is specified for the cookie (in this example it is "myVar"), a value is given (in this example it is "myVal", but a variable can be passed to assign its value to the cookie), and then an expiration time is given (in this example it is one hour since 3600 seconds is a minute). Despite the convention for creating a cookie being different, it is accessed in the same way as the others.

    echo $_COOKIE["myVar"];



    To destroy a cookie, setcookie must be called again, but the expiration time is set to any time in the past. See below

    setcookie("myVar", "", time() - 1);


    returns null

    This will unset the cookies and remove it from the clients computer


    An associative array containing session variables available to the current script. See the Session functions documentation for more information on how this is used.
    Sessions are much like cookies except they are server side. To use sessions you must include session_start() at the top of your scripts to allow sessions to be utilised. Setting a session variable is the same as setting any other variable. See example below.

    $_SESSION["myVar"] = "myVal";

    When starting a session a random ID is set as a cookie and called "PHPSESSID" nd will contain the session ID for that current session. This can be accessed by calling the session_id() function. It is possible to destroy session variables using the unset function (such that unset($_SESSION["myVar"]) would destroy that variable). The alternative is to call session_destory(). This will destroy the entire session meaning that all session variables will no longer exist.


    An associative array that by default contains the contents of $_GET, $_POST and $_COOKIE

    As the PHP documentation states, this is just a collation of $_GET, $_POST, and $_COOKIE all in one variable. Since it is possible for all three of those arrays to have an index with the same name, there is a setting in the php.ini file called request_order which can specify which of the three has precedence.
    For instance, if it was set to "GPC", then the value of $_COOKIE will be used, as it is read from left to right meaning the $_REQUEST will set its value to $_GET, then $_POST, and then $_COOKIE and since $_COOKIE is last that is the value that is in $_REQUEST.


    An associative array of variables passed to the current script via the environment method.

    These variables are imported into PHP's global namespace from the environment under which the PHP parser is running. Many are provided by the shell under which PHP is running and different systems are likely running different kinds of shells, a definitive list is impossible. Please see your shell's documentation for a list of defined environment variables.

    Other environment variables include the CGI variables, placed there regardless of whether PHP is running as a server module or CGI processor.

    Anything stored within $_ENV is from the environment from which PHP is running in.
    $_ENV is only populated if php.ini allows it


    In this page (written and validated by ) you learned about PHP Superglobal Variables . What's Next? If you are interested in completing PHP tutorial, your next topic will be learning about: PHP echo and print.

    Incorrect info or code snippet? We take very seriously the accuracy of the information provided on our website. We also make sure to test all snippets and examples provided for each section. If you find any incorrect information, please send us an email about the issue:

    Share On:

    Mockstacks was launched to help beginners learn programming languages; the site is optimized with no Ads as, Ads might slow down the performance. We also don't track any personal information; we also don't collect any kind of data unless the user provided us a corrected information. Almost all examples have been tested. Tutorials, references, and examples are constantly reviewed to avoid errors, but we cannot warrant full correctness of all content. By using, you agree to have read and accepted our terms of use, cookies and privacy policy.