views:

689

answers:

7

According to many sources, register_globals (global variables that is) should be disables in your php.ini. Should I write define() in my code and use constants if global variables are disabled? Are those even related?

A: 

Constants, once defined, cannot be changed.

Don't use constants as variables. If you need to use variables within functions, pass them into the function itself. Use everything in the way it was intended to be used. Variables are variable and Constants are constant.

Jonathan Sampson
I want to use constants to be able to pass around directory names.
sombe
If the directory value isn't expected to change, then by all means, use a constant :)
Jonathan Sampson
+4  A: 

They are related in that they have global scope, but constants are meant to not change once defined, unlike global variables which the page can modify as it goes along. So just switching over to using define() instead of a global won't help much.

It's better if you refactor your methods to take the variables as parameters and rely on that to pass variables around.

Parrots
I want to have some pre-set variables like directory names that would be global, and accessible all over. I also want global variables to be disabled. Can I use define() in this case?
sombe
If you don't intend to modify the variable as the page executes, then yes, this is the proper use for define.
Parrots
@Gal, yes, this is a fine reason to use them, as you are not going to be changing directories at run-time.
GSto
+2  A: 

A few things here.

First, the register_globals that you disable in your php.ini refers to an old PHP feature where any variable sent via a query string (GET) or form (GET/POST) would be converted into a global PHP variable. This is the functionality that is (and should be) disabled when you turn off register_globals. Even with this off, you can still define global variables in your application.

In general programming terms, global variables (not PHP's register_globals) are considered "bad" because when you encounter one as a programmer, you have no idea what other parts of the application might be using or changing it, or what effect your changes to that global might have. Also, if you're defining a new global variable, there's a chance you're going to overwriting an existing variable that someone else is relying on. When variables are defined locally (in a single function, or in other languages a single block) you can examine the local scope and usually determine what a change to that variable will do.

Constants, on the other hand, never change. You define them once, and they stay defined and no one can change them. That's why having global constants is considered "less bad" than having global variables.

Alan Storm
Constants are still bad then? Should I use sessions to pass around stuff like directory names and such?
sombe
constants aren't just 'less bad'. they are a perfectly acceptable thing to use in many cases, such as what Gal is saying about directories.
GSto
Constants are fine, although you'll find convincing arguments that you shouldn't use constants in the global namespace (i.e. only class constants thought be used). There's no right answer here, only answers with different trade offs.
Alan Storm
A: 

Global variables aren't constant (you can change the value of a global variable, but you can only define a constant once).

Constants aren't always global (you can declare a constant in a class).

Also, global variables can be any type: scalar, array, or object. Constants can only be scalars.

I'm not going to say either constants or globals are good or bad. When used appropriately, they both have beneficial uses. There are security issues around the register_globals feature that are separate from more general use of globals.

Bill Karwin
A: 

Some constant examples:

<?php

// Certainly constant
define('MINUTES_PER_HOUR', 60);
define('DOZEN', 12);

// Constant, but specific to this application
define('GREETING', 'Dear %s');
define('TIMEOUT', 30);

// Configurable, but constant for this installation
define('DATABASE', 'mydb');
define('IMAGES_DIRECTORY', '/tmp/images');

// Not constant, or some other reason why can't be constant
$user = $_POST['userid'];
$days_of_week = array('Mo', 'Tu', 'We', 'Th', 'Fr', 'Sa', 'Su');

?>
Sjoerd
A: 

Try this simple test:

fileA.php:

<?php
define('SOMEVAL', 2);
?>

fileB.php:

<?php
if(defined('SOMEVAL')) echo SOMEVAL;
else echo "SOMEVAL does not exists\n";
include 'fileA.php';
if(defined('SOMEVAL')) echo 'SOMEVAL='.SOMEVAL;
else echo "SOMEVAL does not exists\n";
?>

Then run fileB.php and you'll see that before you include fileA.php, SOMEVAL is not defined. So what this means is that before you define anything, it won't be visible to the script.

Daniel
A: 

Something else to consider -- constants can't store things like arrays or objects, whereas something defined to $GLOBALS can be any variable type. So in some cases, if you need something to be global but it can't be stored to a constant by using define(), you might want to use $GLOBALS instead.

Also, register_globals and $GLOBALS are NOT the same thing!

Travis