Variables

A variable is a special container that you can define, which will then "hold" a value, such as a number, string, object, array, or a Boolean. Variables are fundamental to programming. Without variables, we would be forced to hard-code each specific value used in our scripts. Although adding two numbers together and printing the result does solve a simple mathematics problem, such as

 echo (2 + 4); 

This snippet of code is only useful for people who specifically want to know the sum of 2 and 4. To get past this limitation, you could write a script for finding the sum of another set of numbers, say 3 and 5. However, this approach to programming is clearly absurd, and this is where variables come into play.

Variables allow us to create templates for operations, such asadding two numbers, without worrying about the specific values the variables represent. Values will be given to the variables when the script is run, possibly through user input, through a database query, or from the result of another action earlier in the script. In other words, variables should be used whenever the data in your script is liable to changeeither during the lifetime of the script, or when it is passed to another script for later use.

A variable consists of a name of your choosing, preceded by a dollar sign ($). Variable names can include letters, numbers, and the underscore character (_), but they cannot include spaces. Names must begin with a letter or an underscore. The following list shows some legal variables:

 $a; $a_longish_variable_name; $2453; $sleepyZZZZ; 

By the Way

Your variable names should be meaningful as well as consistent in style. For example, if your script deals with name and password values, don't create a variable called $n for the name and $p for the passwordthose are not meaningful names for anyone besides you, at that particular moment. If you pick up that script weeks later, you might think that $n is the variable for "number" rather than "name" and that $p stands for "page" rather than "password," and what if a co-worker has to modify your script? How will he or she know what $n and $p stood for? You can use whatever naming convention you want, for variables in your scripts, as long as the names are descriptive and follow some sort of pattern that can be followed by others.

A semicolon (;)also known as the instruction terminatoris used to end a PHP statement. The semicolons in the previous fragment of code are not part of the variable names, but are used to end the statement that declares the variable as "alive and kicking," if you will. To declare a variable, you need only include it in your script. When you declare a variable, you usually assign a value to it in the same statement, as shown here:

 $num1 = 8; $num2 = 23; 

The preceding lines declare two variables, and use the assignment operator (=) to assign values to them. You will learn about assignment in more detail in the "Operators and Expressions" section later in this chapter. After you assign values to your variables, you can treat them exactly as if they were the values themselves. In other words

 echo $num1; 

is equivalent to

 echo 8; 

as long as $num1 is assigned a value of 8.

Globals and Superglobals

In addition to the rules for naming variables, there are rules regarding the availability of variables. In general, the assigned value of a variable is present only within the function or script where it resides. For example, if you have scriptA.php that holds a variable called $name with a value of joe, and you want to create scriptB.php that also uses a $name variable, you can assign to it a value of jane without affecting scriptA.php. The value of the $name variable is local to each script, and the assigned values are independent of each other.

However, you can also define the $name variable as global within a script or function. If the $name variable is defined as a global variable in both scriptA.php and scriptB.php, and these scripts are connected to each other (one calls the other, or includes the other), there will only be one value for the now-shared $name variable. Examples of global variable scope will be explained in more detail in Chapter 6, "Flow Control Functions in PHP."

In addition to global variables of your own creation, PHP has several predefined variables called superglobals. These variables are always present, and their values available to all of your scripts. Each of the following superglobals is actually an array of other variables:

• $_GET contains any variables provided to a script through the GET method.

• $_POST contains any variables provided to a script through the POST method.

• $_COOKIE contains any variables provided to a script through a cookie.

• $_FILES contains any variables provided to a script through file uploads.

• $_SERVER contains information such as headers, file paths, and script locations.

• $_ENV contains any variables provided to a script as part of the server environment.

• $_REQUEST contains any variables provided to a script via any user input mechanism.

• $_SESSION contains any variables that are currently registered in a session.

The examples in this book will use superglobals wherever possible. Using super-globals within your scripts is important in creating secure applications, as it reduces the likelihood of user-injected input to your scripts. By coding your scripts to only accept what you want, in the manner defined by you (from a form using the POST method, or from a session, for example), you can eliminate some of the problems created by loosely written scripts.