PHP From ZeroModern PHP course

reference appendices

Predefined Variables

PHP provides superglobals and other predefined variables for request, server, environment, session, cookie, upload, and command-line data. Treat values from these arrays as untrusted input.

Use This Reference When

  • Reading a query parameter or form field.
  • Handling uploaded files.
  • Finding CLI arguments or selected server metadata.

Read Input Deliberately

PHP example
<?php

$page = filter_input(INPUT_GET, 'page', FILTER_VALIDATE_INT) ?: 1;
echo $page . PHP_EOL;

// Prints 1 when no valid query parameter is present.

Know the common superglobals: $_GET, $_POST, $_FILES, $_COOKIE, $_SESSION, $_SERVER, $_ENV, and $GLOBALS. Availability and contents depend on runtime configuration and request type.

Practice

Validate a Query Parameter

Read a page number from query input, require a positive integer, and default to page one.

Show solution

Validate the external value, then check the domain constraint. FILTER_VALIDATE_INT accepts integers, but the application still needs to reject values below one.