Saifur's Blog
$_SERVER Superglobal array in PHP

$_SERVER Superglobal array in PHP

Saifur Rahman Mahin's photo
Saifur Rahman Mahin
·

14 min read

Table of contents

$_SERVER Superglobal array in PHP

$_SERVER['REQUEST_METHOD'] in PHP is used to determine the HTTP request method used by the client to access a script. The HTTP request method is a crucial piece of information for web applications because it allows developers to understand the nature of the incoming request and take appropriate actions.

Here's an exploration of $_SERVER elements categorized based on their purpose:

1. Server Information:

  • $_SERVER['SERVER_SOFTWARE']: The server software being used.

  • $_SERVER['SERVER_NAME']: The name of the server host.

  • $_SERVER['SERVER_ADDR']: The IP address of the server.

  • $_SERVER['SERVER_PORT']: The port on the server machine being used for communication.

2. Request Information:

  • $_SERVER['REQUEST_METHOD']: The request method (e.g., 'GET', 'POST').

  • $_SERVER['REQUEST_URI']: The URI (Uniform Resource Identifier) that was requested.

  • $_SERVER['QUERY_STRING']: The query string part of the URL.

  • $_SERVER['HTTP_HOST']: The host header from the current request.

  • $_SERVER['HTTP_USER_AGENT']: The user agent string of the client's browser.

  • $_SERVER['HTTP_REFERER']: The referring page (the page that linked to the current page).

3. Client Information:

  • $_SERVER['REMOTE_ADDR']: The IP address of the client making the request.

  • $_SERVER['REMOTE_PORT']: The port of the client machine for the request.

  • $_SERVER['HTTP_USER_AGENT']: The user agent string of the client's browser.

  • $_SERVER['HTTP_ACCEPT_LANGUAGE']: The preferred language of the client's browser.

4. File Paths and Script Locations:

  • $_SERVER['DOCUMENT_ROOT']: The root directory of the server where the script is executed.

  • $_SERVER['PHP_SELF']: The filename of the currently executing script.

  • $_SERVER['SCRIPT_NAME']: The path of the current script.

  • $_SERVER['SCRIPT_FILENAME']: The absolute pathname of the currently executing script.

5. Security Information:

  • $_SERVER['HTTPS']: Set to a non-empty value if the request was made through the HTTPS protocol.

  • $_SERVER['REQUEST_SCHEME']: The scheme (http or https) used in the request.

  • $_SERVER['SERVER_PROTOCOL']: The name and revision of the information protocol.

6. Additional Elements:

  • $_SERVER['GATEWAY_INTERFACE']: The revision of the CGI (Common Gateway Interface) specification used by the server.

  • $_SERVER['SERVER_ADMIN']: The email address for server administrator.

  • $_SERVER['SERVER_SIGNATURE']: String containing the server version and virtual host name.

  • $_SERVER['SCRIPT_URI']: The URI of the current script.

7. Content Negotiation:

  • $_SERVER['HTTP_ACCEPT']: Content types accepted by the browser.

  • $_SERVER['HTTP_ACCEPT_CHARSET']: Character sets accepted by the browser.

  • $_SERVER['HTTP_ACCEPT_ENCODING']: Encodings accepted by the browser.

  • $_SERVER['HTTP_ACCEPT_LANGUAGE']: Languages accepted by the browser.

Note:

  • This categorization is a general organization based on common use cases. Some elements may fit into multiple categories.

  • Not all $_SERVER elements are included in this list. Refer to the official PHP documentation for a comprehensive list: PHP $_SERVER Documentation.

Let's provide examples for each category to illustrate how these $_SERVER elements can be used:

Here are examples for each topic using the PHP $_SERVER variables:

1. Server Information:

echo $_SERVER['SERVER_SOFTWARE'];  // Outputs: Apache/2.4.41 (Unix)
echo $_SERVER['SERVER_NAME'];      // Outputs: example.com
echo $_SERVER['SERVER_ADDR'];      // Outputs: 192.168.1.1
echo $_SERVER['SERVER_PORT'];      // Outputs: 80

2. Request Information:

echo $_SERVER['REQUEST_METHOD'];   // Outputs: GET
echo $_SERVER['REQUEST_URI'];      // Outputs: /index.php?page=home
echo $_SERVER['QUERY_STRING'];     // Outputs: page=home
echo $_SERVER['HTTP_HOST'];        // Outputs: example.com
echo $_SERVER['HTTP_USER_AGENT'];  // Outputs: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
echo $_SERVER['HTTP_REFERER'];     // Outputs: http://referrer.com

3. Client Information:

echo $_SERVER['REMOTE_ADDR'];      // Outputs: 203.0.113.42
echo $_SERVER['REMOTE_PORT'];      // Outputs: 54321
echo $_SERVER['HTTP_USER_AGENT'];  // Outputs: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
echo $_SERVER['HTTP_ACCEPT_LANGUAGE']; // Outputs: en-US,en;q=0.9,fr;q=0.8

4. File Paths and Script Locations:

echo $_SERVER['DOCUMENT_ROOT'];    // Outputs: /var/www/html
echo $_SERVER['PHP_SELF'];         // Outputs: /index.php
echo $_SERVER['SCRIPT_NAME'];      // Outputs: /index.php
echo $_SERVER['SCRIPT_FILENAME'];  // Outputs: /var/www/html/index.php

5. Security Information:

echo $_SERVER['HTTPS'];            // Outputs: on (if using HTTPS)
echo $_SERVER['REQUEST_SCHEME'];   // Outputs: https (if using HTTPS)
echo $_SERVER['SERVER_PROTOCOL'];  // Outputs: HTTP/1.1

6. Additional Elements:

echo $_SERVER['GATEWAY_INTERFACE']; // Outputs: CGI/1.1
echo $_SERVER['SERVER_ADMIN'];      // Outputs: webmaster@example.com
echo $_SERVER['SERVER_SIGNATURE'];  // Outputs: Apache/2.4.41 (Unix) Server at example.com Port 80
echo $_SERVER['SCRIPT_URI'];        // Outputs: http://example.com/index.php?page=home

7. Content Negotiation:

echo $_SERVER['HTTP_ACCEPT'];        // Outputs: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
echo $_SERVER['HTTP_ACCEPT_CHARSET']; // Outputs: ISO-8859-1,utf-8;q=0.7,*;q=0.7
echo $_SERVER['HTTP_ACCEPT_ENCODING']; // Outputs: gzip, deflate, br
echo $_SERVER['HTTP_ACCEPT_LANGUAGE']; // Outputs: en-US,en;q=0.9,fr;q=0.8

These examples demonstrate how to access and utilize various $_SERVER variables in PHP to gather information about the server, request, client, file paths, security, additional server elements, and content negotiation.

Include the examples as follows:

<?php
// 1. Server Information
echo $_SERVER['SERVER_SOFTWARE'] . "<br>";  // Outputs: Apache/2.4.41 (Unix)
echo $_SERVER['SERVER_NAME'] . "<br>";      // Outputs: example.com
echo $_SERVER['SERVER_ADDR'] . "<br>";      // Outputs: 192.168.1.1
echo $_SERVER['SERVER_PORT'] . "<br>";      // Outputs: 80
echo "<br>";

// 2. Request Information
echo $_SERVER['REQUEST_METHOD'] . "<br>";   // Outputs: GET
echo $_SERVER['REQUEST_URI'] . "<br>";      // Outputs: /index.php?page=home
echo $_SERVER['QUERY_STRING'] . "<br>";     // Outputs: page=home
echo $_SERVER['HTTP_HOST'] . "<br>";        // Outputs: example.com
echo $_SERVER['HTTP_USER_AGENT'] . "<br>";  // Outputs: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
echo $_SERVER['HTTP_REFERER'] . "<br>";     // Outputs: http://referrer.com
echo "<br>";

// 3. Client Information
echo $_SERVER['REMOTE_ADDR'] . "<br>";      // Outputs: 203.0.113.42
echo $_SERVER['REMOTE_PORT'] . "<br>";      // Outputs: 54321
echo $_SERVER['HTTP_USER_AGENT'] . "<br>";  // Outputs: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
echo $_SERVER['HTTP_ACCEPT_LANGUAGE'] . "<br>"; // Outputs: en-US,en;q=0.9,fr;q=0.8
echo "<br>";

// 4. File Paths and Script Locations
echo $_SERVER['DOCUMENT_ROOT'] . "<br>";    // Outputs: /var/www/html
echo $_SERVER['PHP_SELF'] . "<br>";         // Outputs: /index.php
echo $_SERVER['SCRIPT_NAME'] . "<br>";      // Outputs: /index.php
echo $_SERVER['SCRIPT_FILENAME'] . "<br>";  // Outputs: /var/www/html/index.php
echo "<br>";

// 5. Security Information
echo $_SERVER['HTTPS'] . "<br>";            // Outputs: on (if using HTTPS)
echo $_SERVER['REQUEST_SCHEME'] . "<br>";   // Outputs: https (if using HTTPS)
echo $_SERVER['SERVER_PROTOCOL'] . "<br>";  // Outputs: HTTP/1.1
echo "<br>";

// 6. Additional Elements
echo $_SERVER['GATEWAY_INTERFACE'] . "<br>"; // Outputs: CGI/1.1
echo $_SERVER['SERVER_ADMIN'] . "<br>";      // Outputs: webmaster@example.com
echo $_SERVER['SERVER_SIGNATURE'] . "<br>";  // Outputs: Apache/2.4.41 (Unix) Server at example.com Port 80
echo $_SERVER['SCRIPT_URI'] . "<br>";        // Outputs: http://example.com/index.php?page=home
echo "<br>";

// 7. Content Negotiation
echo $_SERVER['HTTP_ACCEPT'] . "<br>";        // Outputs: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
echo $_SERVER['HTTP_ACCEPT_CHARSET'] . "<br>"; // Outputs: ISO-8859-1,utf-8;q=0.7,*;q=0.7
echo $_SERVER['HTTP_ACCEPT_ENCODING'] . "<br>"; // Outputs: gzip, deflate, br
echo $_SERVER['HTTP_ACCEPT_LANGUAGE'] . "<br>"; // Outputs: en-US,en;q=0.9,fr;q=0.8
?>

Save this code in a file with a .php extension (e.g., server_info.php). When you run this file on a server, it will output the information corresponding to the server, request, client, file paths, security, additional server elements, and content negotiation.

1.Why these $_SERVER elements related to server information are important:

Understanding server information is crucial for web developers and administrators as it provides insights into the server environment and helps in various aspects of web development and maintenance. Here's why these $_SERVER elements related to server information are important:

  1. $_SERVER['SERVER_SOFTWARE']:

    • Purpose: This element provides information about the software and version running on the server.

    • Use Case: It helps developers ensure compatibility with specific server software versions and may influence server-side code based on the server software's capabilities.

  2. $_SERVER['SERVER_NAME']:

    • Purpose: Indicates the name of the server host.

    • Use Case: Useful for identifying the server in a network. It can be used for logging, debugging, or generating dynamic content based on the server's identity.

  3. $_SERVER['SERVER_ADDR']:

    • Purpose: Specifies the IP address of the server.

    • Use Case: Important for networking and security purposes. It helps in identifying the server's location and can be used for access control or logging.

  4. $_SERVER['SERVER_PORT']:

    • Purpose: Provides the port number on the server machine used for communication.

    • Use Case: Useful when creating URLs or establishing connections. For example, when generating links, it ensures that the correct port is included in URLs.

In summary, these server information variables are essential for ensuring compatibility, identifying and securing the server, and generating dynamic content based on server characteristics. They play a crucial role in web development, server management, and debugging processes.

2.Why these $_SERVER elements related to request information are important:

Understanding request information is crucial for web developers because it provides details about the current client request. Here's why these $_SERVER elements related to request information are important:

  1. $_SERVER['REQUEST_METHOD']:

    • Purpose: Indicates the HTTP request method used by the client (e.g., 'GET', 'POST').

    • Use Case: Essential for determining the type of operation the client is requesting. For example, it helps differentiate between requests for information ('GET') and requests that modify data ('POST').

  2. $_SERVER['REQUEST_URI']:

    • Purpose: Contains the URI (Uniform Resource Identifier) that was requested by the client.

    • Use Case: Useful for extracting specific parts of the URL, like path segments or query parameters. Developers can use this information to route the request to the appropriate handler.

  3. $_SERVER['QUERY_STRING']:

    • Purpose: Provides the query string part of the URL.

    • Use Case: Enables developers to parse and extract parameters sent with the request. This is valuable for handling form submissions, search queries, or any other data passed through the URL.

  4. $_SERVER['HTTP_HOST']:

    • Purpose: Contains the host header from the current request.

    • Use Case: Important for applications that host multiple domains on the same server. Developers can use this information to dynamically generate URLs or handle requests based on the specified host.

  5. $_SERVER['HTTP_USER_AGENT']:

    • Purpose: Contains the user agent string of the client's browser.

    • Use Case: Allows developers to adapt content based on the client's browser or device. This information is valuable for implementing responsive designs or serving specific content optimized for different browsers.

  6. $_SERVER['HTTP_REFERER']:

    • Purpose: Contains the referring page, i.e., the page that linked to the current page.

    • Use Case: Useful for tracking where users are coming from. It can be used to customize the user experience, track marketing campaign effectiveness, or prevent unauthorized access based on referral source.

In summary, these request information variables are essential for tailoring server responses, handling different types of requests, extracting parameters, and adapting content based on the client's environment. They provide valuable insights into the nature of the incoming request, allowing developers to build dynamic and responsive web applications.

3.Here's why these client information variables are important:

Client information provided by $_SERVER variables is crucial for web developers to tailor their responses and enhance the user experience. Here's why these client information variables are important:

  1. $_SERVER['REMOTE_ADDR']:

    • Purpose: Contains the IP address of the client making the request.

    • Use Case: Important for security and logging purposes. It helps identify the origin of the request and can be used for access control or tracking user activity.

  2. $_SERVER['REMOTE_PORT']:

    • Purpose: Provides the port of the client machine for the request.

    • Use Case: While less commonly used in web development, it can be relevant for network troubleshooting or specific server configurations where port information is needed.

  3. $_SERVER['HTTP_USER_AGENT']:

    • Purpose: Contains the user agent string of the client's browser.

    • Use Case: Enables developers to adapt the content based on the client's browser or device. This is crucial for implementing responsive designs, serving compatible content, or identifying and handling specific browsers.

  4. $_SERVER['HTTP_ACCEPT_LANGUAGE']:

    • Purpose: Indicates the preferred language of the client's browser.

    • Use Case: Valuable for internationalization and localization. Developers can use this information to serve content in the user's preferred language if multiple language options are available.

In summary, these client information variables assist developers in personalizing the user experience, enhancing security, and adapting content based on the characteristics of the client's environment. They are particularly useful for creating responsive and user-friendly web applications that cater to the diverse preferences and behaviors of users accessing the site from different devices and locations.

4.Why these $_SERVER variables related to file paths and script locations are important:

Understanding file paths and script locations is essential for web developers to manage and manipulate files, include resources, and organize code efficiently. Here's why these $_SERVER variables related to file paths and script locations are important:

  1. $_SERVER['DOCUMENT_ROOT']:

    • Purpose: Specifies the root directory of the server where the script is executed.

    • Use Case: Important for creating absolute file paths. This is often used when including or requiring files, ensuring that the paths are specified correctly regardless of the script's location.

  2. $_SERVER['PHP_SELF']:

    • Purpose: Contains the filename of the currently executing script.

    • Use Case: Useful for constructing self-referencing URLs or creating dynamic navigation links. It can be used to generate links that point to the current script.

  3. $_SERVER['SCRIPT_NAME']:

    • Purpose: Provides the path of the current script.

    • Use Case: Similar to PHP_SELF, it can be used for creating URLs and navigation links. It's often used in conjunction with basename() to extract just the filename from the path.

  4. $_SERVER['SCRIPT_FILENAME']:

    • Purpose: Contains the absolute pathname of the currently executing script.

    • Use Case: Valuable for tasks that require the full path to the script, such as reading or writing files. It provides a precise reference to the script's location on the server.

In summary, these file paths and script location variables help developers manage the organization of their code, create flexible and accurate file references, and generate dynamic links. They play a crucial role in ensuring that scripts can access the necessary files and resources, regardless of the server's configuration or the script's location within the file structure.

5.Why these security-related variables are important:

Security information provided by $_SERVER variables is essential for web developers to ensure the secure transmission of data and to make informed decisions about handling requests. Here's why these security-related variables are important:

  1. $_SERVER['HTTPS']:

    • Purpose: Set to a non-empty value if the request was made through the HTTPS protocol.

    • Use Case: Crucial for determining whether the connection is secure. Developers can use this information to enforce secure connections for sensitive transactions, such as login or payment processes, and to generate secure URLs.

  2. $_SERVER['REQUEST_SCHEME']:

    • Purpose: Contains the scheme (http or https) used in the request.

    • Use Case: Similar to HTTPS, this variable provides information about the protocol used. It can be used to dynamically construct URLs with the appropriate scheme or to enforce specific security measures based on the request scheme.

  3. $_SERVER['SERVER_PROTOCOL']:

    • Purpose: Provides the name and revision of the information protocol.

    • Use Case: Important for understanding the version of the protocol being used. While it may not be as commonly used as HTTPS, it can be valuable for protocol-specific features or troubleshooting.

In summary, these security-related $_SERVER variables are crucial for web developers to implement security measures and ensure the integrity of data transmitted between the client and the server. They allow developers to make informed decisions about handling requests based on the security context and help in enforcing secure communication practices.

6.Why these additional elements are useful:

Additional elements provided by $_SERVER variables offer information about the server environment and its configuration. Here's why these additional elements are useful:

  1. $_SERVER['GATEWAY_INTERFACE']:

    • Purpose: Indicates the revision of the CGI (Common Gateway Interface) specification used by the server.

    • Use Case: Relevant for understanding the server's CGI version, which can be important for compatibility with certain server configurations or legacy systems.

  2. $_SERVER['SERVER_ADMIN']:

    • Purpose: Contains the email address for the server administrator.

    • Use Case: Valuable for contact and administrative purposes. It provides a quick way to identify and contact the person responsible for server maintenance or troubleshooting.

  3. $_SERVER['SERVER_SIGNATURE']:

    • Purpose: Contains a string with the server version and virtual host name.

    • Use Case: Can be used for debugging or informational purposes. However, care should be taken not to expose sensitive information in production environments.

  4. $_SERVER['SCRIPT_URI']:

    • Purpose: Provides the URI of the current script.

    • Use Case: Similar to $_SERVER['REQUEST_URI'], this variable can be used to construct self-referencing URLs or for any situation where the full URI of the script is needed.

In summary, these additional $_SERVER elements provide information about the server configuration, administration contacts, and the current script's URI. While not as commonly used in everyday web development, they can be valuable for certain administrative or debugging scenarios where deeper insights into the server environment are necessary. Developers may use these elements to ensure compatibility, facilitate communication, or gather diagnostic information.

7.Why these content negotiation variables are important

Content negotiation elements provided by $_SERVER variables are crucial for web developers to tailor their responses based on the preferences and capabilities of the client's browser. Here's why these content negotiation variables are important:

  1. $_SERVER['HTTP_ACCEPT']:

    • Purpose: Contains the content types accepted by the client's browser.

    • Use Case: Enables servers to respond with the most appropriate content type based on what the client can accept. This is essential for providing content in various formats, such as HTML, JSON, or XML.

  2. $_SERVER['HTTP_ACCEPT_CHARSET']:

    • Purpose: Indicates the character sets accepted by the client's browser.

    • Use Case: Allows servers to serve content in the preferred character set of the client. Useful for internationalization and ensuring that content is displayed correctly for users with different language preferences.

  3. $_SERVER['HTTP_ACCEPT_ENCODING']:

    • Purpose: Contains the encodings accepted by the client's browser.

    • Use Case: Helps in optimizing content delivery by allowing servers to compress data before transmission if the client supports compression. This can significantly reduce the amount of data transferred, improving page load times.

  4. $_SERVER['HTTP_ACCEPT_LANGUAGE']:

    • Purpose: Indicates the languages accepted by the client's browser.

    • Use Case: Essential for delivering content in the user's preferred language. It enables the server to serve localized content, enhancing the user experience for a global audience.

In summary, these content negotiation $_SERVER variables allow developers to customize and optimize the content delivery process based on the capabilities and preferences of the client's browser. This leads to a more efficient and user-friendly experience, as content is tailored to the specific requirements of each user, including their preferred content types, character sets, encodings, and languages.

Did you find this article valuable?

Support Saifur's Blog by becoming a sponsor. Any amount is appreciated!

PHP