From e76f850007952be2de53b8db0ca898176409102a Mon Sep 17 00:00:00 2001 From: Torben Wilson Date: Thu, 14 Feb 2002 12:15:33 +0000 Subject: [PATCH] Some cleanups and a more thorough treatment of the various globals. git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@70223 c90b9560-bf6c-de11-be94-00142212c4b1 --- appendices/predefined.xml | 550 ++++++++++++++++++++++++-------------- 1 file changed, 353 insertions(+), 197 deletions(-) diff --git a/appendices/predefined.xml b/appendices/predefined.xml index 29bd0dc572..f8cae6d1d8 100644 --- a/appendices/predefined.xml +++ b/appendices/predefined.xml @@ -1,5 +1,5 @@ - + Predefined Variables - - Apache variables + + Server variables: <varname>$_SERVER</varname> + + + + Introduced in 4.1.0. In earlier versions, use + $HTTP_SERVER_VARS. + + - These variables are created by the Apache webserver. If you are running - another webserver, there is no guarantee that it will provide the - same variables; it may omit some, or provide others not listed - here. That said, a large number of these variables are accounted - for in the CGI 1.1 - specification, so you should be able to expect those. + $_SERVER is an array containing information + such as headers, paths, and script locations. The entries in this + array are created by the webserver. There is no guarantee that + every webserver will provide any of these; servers may omit some, + or provide others not listed here. That said, a large number of + these variables are accounted for in the CGI 1.1 specification, so you should + be able to expect those. + + + This is a 'superglobal', or automatic global, variable. This + simply means that it is available in all scopes throughout a + script. You don't need to do a global + $_SERVER; to access it within functions or methods, as + you do with $HTTP_SERVER_VARS. + + + + $HTTP_SERVER_VARS contains the same + information, but is not an autoglobal. + + Note that few, if any, of these will be available (or indeed have any meaning) if running PHP on the command line. + + If the register_globals directive + is set, then these variables will also be made available in the + global scope of the script; i.e., separate from the + $_SERVER and $HTTP_SERVER_VARS + arrays. For related information, see the security chapter titled + Using Register + Globals. These individual globals are not autoglobals. + + - $GATEWAY_INTERFACE + 'GATEWAY_INTERFACE' What revision of the CGI specification the server is using; @@ -48,7 +81,7 @@ follow for this appendix. --> - $SERVER_NAME + 'SERVER_NAME' The name of the server host under which the current script is @@ -59,7 +92,7 @@ follow for this appendix. --> - $SERVER_SOFTWARE + 'SERVER_SOFTWARE' Server identification string, given in the headers when @@ -69,7 +102,7 @@ follow for this appendix. --> - $SERVER_PROTOCOL + 'SERVER_PROTOCOL' Name and revision of the information protocol via which the @@ -79,7 +112,7 @@ follow for this appendix. --> - $REQUEST_METHOD + 'REQUEST_METHOD' Which request method was used to access the page; i.e. 'GET', @@ -89,7 +122,7 @@ follow for this appendix. --> - $QUERY_STRING + 'QUERY_STRING' The query string, if any, via which the page was accessed. @@ -98,7 +131,7 @@ follow for this appendix. --> - $DOCUMENT_ROOT + 'DOCUMENT_ROOT' The document root directory under which the current script is @@ -108,7 +141,7 @@ follow for this appendix. --> - $HTTP_ACCEPT + 'HTTP_ACCEPT' Contents of the Accept: header from the @@ -118,7 +151,7 @@ follow for this appendix. --> - $HTTP_ACCEPT_CHARSET + 'HTTP_ACCEPT_CHARSET' Contents of the Accept-Charset: header @@ -129,7 +162,7 @@ follow for this appendix. --> - $HTTP_ACCEPT_ENCODING + 'HTTP_ACCEPT_ENCODING' Contents of the Accept-Encoding: header @@ -139,7 +172,7 @@ follow for this appendix. --> - $HTTP_ACCEPT_LANGUAGE + 'HTTP_ACCEPT_LANGUAGE' Contents of the Accept-Language: header @@ -149,7 +182,7 @@ follow for this appendix. --> - $HTTP_CONNECTION + 'HTTP_CONNECTION' Contents of the Connection: header from @@ -159,7 +192,7 @@ follow for this appendix. --> - $HTTP_HOST + 'HTTP_HOST' Contents of the Host: header from the @@ -169,34 +202,36 @@ follow for this appendix. --> - $HTTP_REFERER + 'HTTP_REFERER' The address of the page (if any) which referred the browser - to the current page. This is set by the user's browser; not - all browsers will set this. + to the current page. This is set by the user agent. Not + all user agents will set this, and some provide the ability + to modify HTTP_REFERER as a feature. In + short, it cannot really be trusted. - $HTTP_USER_AGENT + 'HTTP_USER_AGENT' Contents of the User_Agent: header from the current request, if there is one. This is a string - denoting the browser software being used to view the current - page; i.e. Mozilla/4.5 [en] (X11; U; Linux - 2.2.9 i586). Among other things, you can use - this value with get_browser to tailor - your page's functionality to the capabilities of the user's - browser. + denoting the user agent being which is accessing the page. A + typical example is: Mozilla/4.5 [en] (X11; U; + Linux 2.2.9 i586). Among other things, you + can use this value with get_browser to + tailor your page's output to the capabilities of the user + agent. - $REMOTE_ADDR + 'REMOTE_ADDR' The IP address from which the user is viewing the current @@ -206,7 +241,7 @@ follow for this appendix. --> - $REMOTE_PORT + 'REMOTE_PORT' The port being used on the user's machine to communicate with @@ -216,7 +251,7 @@ follow for this appendix. --> - $SCRIPT_FILENAME + 'SCRIPT_FILENAME' The absolute pathname of the currently executing script. @@ -225,7 +260,7 @@ follow for this appendix. --> - $SERVER_ADMIN + 'SERVER_ADMIN' The value given to the SERVER_ADMIN (for Apache) directive in @@ -237,7 +272,7 @@ follow for this appendix. --> - $SERVER_PORT + 'SERVER_PORT' The port on the server machine being used by the web server @@ -249,7 +284,7 @@ follow for this appendix. --> - $SERVER_SIGNATURE + 'SERVER_SIGNATURE' String containing the server version and virtual host name @@ -259,7 +294,7 @@ follow for this appendix. --> - $PATH_TRANSLATED + 'PATH_TRANSLATED' Filesystem- (not document root-) based path to the current @@ -270,7 +305,7 @@ follow for this appendix. --> - $SCRIPT_NAME + 'SCRIPT_NAME' Contains the current script's path. This is useful for pages @@ -280,7 +315,7 @@ follow for this appendix. --> - $REQUEST_URI + 'REQUEST_URI' The URI which was given in order to access this page; for @@ -288,69 +323,9 @@ follow for this appendix. --> - - - - - - Environment variables - - - These variables are imported into PHP's global namespace from the - environment under which the PHP parser is running. Many are - provided by the shell under which PHP is running and different - systems are likely running different kinds of shells, a - definitive list is impossible. Please see your shell's - documentation for a list of defined environment variables. - - - Other environment variables include the CGI variables, placed - there regardless of whether PHP is running as a server module or - CGI processor. - - - - - - PHP variables - - - These variables are created by PHP itself. The - $HTTP_*_VARS variables are available only if - the track_vars - configuration is turned on. When enabled, the variables are - always set, even if they are empty arrays. This prevents - a malicious user from spoofing these variables. - - - - - As of PHP 4.0.3, track_vars is always turned on, - regardless of the configuration file setting. - - - - - If the register_globals directive - is set, then these variables will also be made available in the - global scope of the script; i.e., separate from the - $HTTP_*_VARS arrays. This feature should be - used with care, and turned off if possible; while the - $HTTP_*_VARS variables are safe, the bare - global equivalents can be overwritten by user input, with - possibly malicious intent. If you cannot turn off register_globals, you must - take whatever steps are necessary to ensure that the data you are - using is safe. - - - - - $argv + 'argv' Array of arguments passed to the script. When the script is @@ -362,7 +337,7 @@ follow for this appendix. --> - $argc + 'argc' Contains the number of command line parameters passed to the @@ -372,7 +347,7 @@ follow for this appendix. --> - $PHP_SELF + 'PHP_SELF' The filename of the currently executing script, relative to @@ -382,84 +357,283 @@ follow for this appendix. --> - - $HTTP_COOKIE_VARS - - - An associative array of variables passed to the current - script via HTTP cookies. - - - - - - $HTTP_GET_VARS - - - An associative array of variables passed to the current - script via the HTTP GET method. - - - - - - $HTTP_POST_VARS - - - An associative array of variables passed to the current - script via the HTTP POST method. - - - - - - $HTTP_POST_FILES - - - An associative array of variables containing information - about files uploaded via the HTTP POST method. See POST method - uploads for information on the contents of - $HTTP_POST_FILES. - - - $HTTP_POST_FILES is available only in PHP - 4.0.0 and later. - - - - - - $HTTP_ENV_VARS - - - An associative array of variables passed to the current - script via the parent environment. - - - - - - $HTTP_SERVER_VARS - - - An associative array of variables passed to the current - script from the HTTP server. These variables are analogous to - the Apache variables described above. - - - + + + + + Environment variables: <varname>$_ENV</varname> + + + + Introduced in 4.1.0. In earlier versions, use + $HTTP_ENV_VARS. + + + + + These variables are imported into PHP's global namespace from the + environment under which the PHP parser is running. Many are + provided by the shell under which PHP is running and different + systems are likely running different kinds of shells, a + definitive list is impossible. Please see your shell's + documentation for a list of defined environment variables. + + + + Other environment variables include the CGI variables, placed + there regardless of whether PHP is running as a server module or + CGI processor. + + + This is a 'superglobal', or automatic global, variable. This + simply means that it is available in all scopes throughout a + script. You don't need to do a global + $_ENV; to access it within functions or methods, as + you do with $HTTP_ENV_VARS. + + + + $HTTP_ENV_VARS contains the same + information, but is not an autoglobal. + + + + If the register_globals directive + is set, then these variables will also be made available in the + global scope of the script; i.e., separate from the + $_ENV and $HTTP_ENV_VARS + arrays. For related information, see the security chapter titled + Using Register + Globals. These individual globals are not autoglobals. + + + + + HTTP Cookies: <varname>$_COOKIE</varname> + + + + Introduced in 4.1.0. In earlier versions, use + $HTTP_COOKIE_VARS. + + + + + An associative array of variables passed to the current script + via HTTP cookies. Automatically global in any scope. + + + + This is a 'superglobal', or automatic global, variable. This + simply means that it is available in all scopes throughout a + script. You don't need to do a global + $_COOKIE; to access it within functions or methods, as + you do with $HTTP_COOKIE_VARS. + + + + $HTTP_COOKIE_VARS contains the same + information, but is not an autoglobal. + + + + If the register_globals directive + is set, then these variables will also be made available in the + global scope of the script; i.e., separate from the + $_COOKIE and $HTTP_COOKIE_VARS + arrays. For related information, see the security chapter titled + Using Register + Globals. These individual globals are not autoglobals. + + + + + HTTP GET variables: <varname>$_GET</varname> + + + + Introduced in 4.1.0. In earlier versions, use + $HTTP_GET_VARS. + + + + + An associative array of variables passed to the current script + via the HTTP GET method. Automatically global in any scope. + + + + This is a 'superglobal', or automatic global, variable. This + simply means that it is available in all scopes throughout a + script. You don't need to do a global + $_GET; to access it within functions or methods, as + you do with $HTTP_GET_VARS. + + + + $HTTP_GET_VARS contains the same + information, but is not an autoglobal. + + + + If the register_globals directive + is set, then these variables will also be made available in the + global scope of the script; i.e., separate from the + $_GET and $HTTP_GET_VARS + arrays. For related information, see the security chapter titled + Using Register + Globals. These individual globals are not autoglobals. + + + + + HTTP POST variables: <varname>$_POST</varname> + + + + Introduced in 4.1.0. In earlier versions, use + $HTTP_POST_VARS. + + + + + An associative array of variables passed to the current script + via the HTTP POST method. Automatically global in any scope. + + + + This is a 'superglobal', or automatic global, variable. This + simply means that it is available in all scopes throughout a + script. You don't need to do a global + $_POST; to access it within functions or methods, as + you do with $HTTP_POST_VARS. + + + + $HTTP_POST_VARS contains the same + information, but is not an autoglobal. + + + + If the register_globals directive + is set, then these variables will also be made available in the + global scope of the script; i.e., separate from the + $_POST and $HTTP_POST_VARS + arrays. For related information, see the security chapter titled + Using Register + Globals. These individual globals are not autoglobals. + + + + + HTTP File upload variables: <varname>$_FILES</varname> + + + + Introduced in 4.1.0. In earlier versions, use + $HTTP_POST_FILES. + + + + + An associative array of items uploaded to the current script + via the HTTP POST method. Automatically global in any scope. + + + + This is a 'superglobal', or automatic global, variable. This + simply means that it is available in all scopes throughout a + script. You don't need to do a global + $_FILES; to access it within functions or methods, as + you do with $HTTP_POST_FILES. + + + + $HTTP_POST_FILES contains the same + information, but is not an autoglobal. + + + + If the register_globals directive + is set, then these variables will also be made available in the + global scope of the script; i.e., separate from the + $_FILES and $HTTP_POST_FILES + arrays. For related information, see the security chapter titled + Using Register + Globals. These individual globals are not autoglobals. + + + + + HTTP REQUEST variables: <varname>$_REQUEST</varname> + + + + Introduced in 4.1.0. There is no equivalent array in earlier + versions. + + + + + An associative array consisting of the contents of + $_GET, $_POST, + $_COOKIE, and $_FILES. + + + + This is a 'superglobal', or automatic global, variable. This + simply means that it is available in all scopes throughout a + script. You don't need to do a global + $_REQUEST; to access it within functions or methods. + + + + If the register_globals directive + is set, then these variables will also be made available in the + global scope of the script; i.e., separate from the + $_REQUEST array. For related information, see + the security chapter titled Using Register + Globals. These individual globals are not autoglobals. + Predefined Classes + + + Standard Defined Classes + + + These classes are defined in the standard set of functions included + in the PHP build. + + + + + Directory + + + The class from which dir is instantiated. + + + + + + - <link linkend="ref.ming">ming</link> Defined Classes + <link linkend="ref.ming">Ming</link> Defined Classes These classes are defined in the @@ -562,14 +736,15 @@ follow for this appendix. --> + - <link linkend="ref.oci8">oci8</link> Defined Constants + <link linkend="ref.oci8">Oracle 8</link> Defined Constants - These constants are defined in the - oci8 - extension, and will only be available when that extension has either - been compiled into PHP or dynamically loaded at runtime. + These constants are defined in the Oracle 8 extension, and will only be + available when that extension has either been compiled into PHP + or dynamically loaded at runtime. @@ -617,26 +792,7 @@ follow for this appendix. --> - - <link linkend="ref.standard">standard</link> Defined Classes - - These classes are defined in the - standard - extension, and will only be available when that extension has either - been compiled into PHP or dynamically loaded at runtime. - - - - - Directory - - - - - - -