Posted by pdrake on March 26, 2012 at 6:17pm
Below is a list of superglobals used in 8.x core and what facilities are present for accessing the same information via the Symfony\Component\HttpFoundation\Request object. If more than one facility is available, options are listed in order of specificity/recommendation/preference. If I overlooked any uses of superglobals in core, please let me know. This list does not include superglobals used in scripts/*. The intent of this list is to provide a starting point for refactoring 8.x core to eliminate the use of superglobals, which is not only desirable, but may be required to properly support sub-requests.
- $_ENV (currently not used in core)
- $_COOKIE
- Request->cookies->get()
- $_FILES
- Request->files->get()
- $_GET
- Request->query->get()
- $_POST
- Request->request->get()
- $_REQUEST
- Request->get() (default order is $_GET -> array() (PATH_INFO?) -> $_POST instead of $_GET -> $_POST -> $_COOKIE, does not respect request_order())
- Request->query->get(N, Request->request->get(N, Request->cookies->get(N, NULL)))
- $_SESSION
- $_SERVER
- random bytes (use http://www.php.net/manual/en/function.mt-rand.php#97977?)
- $_SERVER['argc']
- Currently not available (used by drupal_is_cli())
- $_SERVER['argv']
- Requires Symfony\Component\Console\Input\ArgvInput ?
- $_SERVER['HTTP_ACCEPT_ENCODING']
- Request->headers->get()
- $_SERVER['HTTP_ACCEPT_LANGUAGE']
- Request->getPreferredLanguage()
- Request->getLanguages()
- Request->headers->get()
- $_SERVER['HTTP_HOST']
- Request->getHttpHost()
- Request->headers->get()
- $_SERVER['HTTP_IF_MODIFIED_SINCE']
- HttpCache->lookup() (uses HttpCache->validate())
- Request->headers->get()
- $_SERVER['HTTP_IF_NONE_MATCH']
- Request->getETags()
- Request->headers->get()
- $_SERVER['HTTP_REFERER']
- Request->headers->get()
- $_SERVER['HTTP_USER_AGENT']
- Request->headers->get()
- $_SERVER['HTTP_X_REQUESTED_WITH']
- Request->isXmlHttpRequest()
- Request->headers->get()
- $_SERVER['HTTPS']
- Request->isSecure()
- Request->getScheme()
- Request->server->get()
- $_SERVER["PHP_AUTH_USER"]
- Request->headers->get('AUTHORIZATION')
- Request->server->get()
- $_SERVER["PHP_AUTH_PW"]
- Request->headers->get('AUTHORIZATION')
- Request->server->get()
- $_SERVER['PHP_SELF']
- Request->getPath() (currently used like basename($_SERVER['PHP_SELF']))
- Request->server->get()
- $_SERVER['QUERY_STRING']
- Request->getQueryString()
- Request->server->get()
- $_SERVER['REMOTE_ADDR']
- Request->getClientIp()
- Request->server->get()
- $_SERVER['REQUEST_METHOD']
- Request->getMethod()
- Request->server->get()
- $_SERVER['REQUEST_TIME']
- Request->server->get()
- $_SERVER['REQUEST_URI']
- Request->getRequestUri()
- Request->server->get()
- $_SERVER[$reverse_proxy_header]
- Request->headers->get()
- $_SERVER['SCRIPT_NAME']
- Request->getScriptName() (needs $_SERVER['SCRIPT_FILENAME'] for windows? maybe not with PHP5?)
- Request->server->get()
- $_SERVER['SERVER_PORT'] (not needed due to Request->getBaseUrl()?)
- Request->getPort()
- Request->server->get()
- $_SERVER['SERVER_PROTOCOL']
- Request->isSecure()
- Request->getScheme()
- Request->server->get()
- $_SERVER['SERVER_SOFTWARE']
- Request->server->get()
- $_SERVER['WINDIR']
- Request->server->get()
Comments
Thanks!
Thanks for the list. Not sure if this is also the correct place in which to track d.o. issues for cleaning all this up, but http://drupal.org/node/1183208 has a patch for removing $_GET['q'].
Drupal Change Records
@pdrake @effulgentsia
Maybe a good place for this sort of documentation is in the Core change log