$_GET

(PHP 4 >= 4.1.0, PHP 5, PHP 7, PHP 8)

$_GETHTTP GET variables

Description

An associative array of variables passed to the current script via the URL parameters (aka. query string). Note that the array is not only populated for GET requests, but rather for all requests with a query string.

Examples

Example #1 $_GET example

<?php
echo 'Hello ' htmlspecialchars($_GET["name"]) . '!';
?>

Assuming the user entered http://example.com/?name=Hannes

The above example will output something similar to:

Hello Hannes!

Notes

Note:

This is a 'superglobal', or automatic global, variable. This simply means that it is available in all scopes throughout a script. There is no need to do global $variable; to access it within functions or methods.

Note:

The GET variables are passed through urldecode().

add a note add a note

User Contributed Notes 1 note

up
1
An Anonymous User
2 years ago
<?php
// It is important to sanitize
// input! Otherwise, a bad actor
// could enter '<script src="evilscript.js"></script>'
// in a URL parameter. Assuming you echo it, this
// would inject scripts in an XSS attack.
//
// The solution:
$NAME = $_GET['NAME'];
// Bad:
echo $NAME;
// that one is vulnerable to XSS
// Good:
echo htmlspecialchars($NAME);
// Sanitizes input thoroughly.
?>
To Top