In PHP, there are some helpful global variables available to developers that contain various elements of HTTP request data. In fact, these aren't just global variables but superglobal, which means they do not need to be declared with the global $var; syntax. They are available in all scopes by default. Some of them are:
- $_POST : an associative array of variables passed to the current script via the HTTP POST method when using application/x-www-form-urlencoded or multipart/form-data as the HTTP Content-Type in the HTTP request.
- $_GET : an associative array of variables passed to the current script via the URL parameters, also known as query string parameters.
- $_COOKIE : an associative array of variables passed to the current script via HTTP Cookies. i.e., the Cookie header of an HTTP request.
- $_REQUEST : an associative array that by default contains the contents of $_GET, $_POST and $_COOKIE.
Other superglobals are $GLOBALS, $_SERVER, $_FILES, $_SESSION, and $_ENV.
|Contains||POST data only||both GET and POST data, as well as contents of $_COOKIE|
$_REQUEST is a separate variable from $_GET and $_POST. This means modifying $_GET or $_POST elements at runtime will not affect the elements in $_REQUEST, and vice versa.
When running PHP scripts via the command line, i.e., not as part of serving an HTTP request, $_REQUEST does not include the argv and argc entries. They are only included in the $_SERVER associative array.
Conflicting GET and POST variables
By default $_REQUEST contains data from GET, POST and cookies. If there are conflicts—i.e., the same variable is set separately in GET and POST or POST and Cookie etc.—the conflicts are resolved per the the PHP variables_order configuration directive. The default order is EGPCS (environment, GET, POST, Cookie, Server). This means the variable in $_GET gets precedence over $_POST, which in turn gets precedence over $_COOKIE.