## Chapter 13: Web Basics - How PHP Talks to the Internet **Understanding web requests is like learning the language your website speaks with browsers!** **PHP superglobals are like special mailboxes that automatically receive different types of messages from the web!** ### What Are Superglobals? **Superglobals are PHP's way of organizing incoming information - like having different inboxes for different types of mail!** | Superglobal | What It Contains | Real-World Analogy | |-------------|------------------|-------------------| | `$_GET` | Information in the URL (query parameters) | Address on an envelope | | `$_POST` | Information sent privately (form data) | Contents inside the envelope | | `$_SERVER` | Details about the web server | Post office information | | `$_FILES` | Uploaded files | Package delivery | | `$_COOKIE` | Small pieces of stored data | Sticky notes the browser keeps | | `$_SESSION` | Temporary user information | Shopping cart you carry around | ### Reading Query Parameters (GET) - Information in the Address **GET parameters are like writing on the outside of an envelope - everyone can see them!** **Example: A greeting page that remembers your name** **Request URL:** `/hello.php?name=Meera&age=25` **What happens:** ``` Browser: "Hey server, give me hello.php and here's some info: name=Meera&age=25" Server: "Got it! Let me check my $_GET mailbox..." ``` **Code:** ```php <?php // Get the name from the URL, default to "Guest" if not provided $name = $_GET["name"] ?? "Guest"; $age = $_GET["age"] ?? "Unknown"; echo "Hello $name! You are $age years old."; ?> ``` **Why `htmlspecialchars` is your bodyguard:** **`htmlspecialchars` is not decoration - it's like wearing protective gear! It prevents bad guys from injecting malicious scripts into your page.** **Without protection (DANGEROUS):** ```php <?php // NEVER DO THIS! echo "Hello " . $_GET["name"]; // Bad user could inject JavaScript! ?> ``` **With protection (SAFE):** ```php <?php // Always do this! echo "Hello " . htmlspecialchars($_GET["name"], ENT_QUOTES, "UTF-8"); ?> ``` **Real-world example - A search page:** ```php <?php $searchTerm = $_GET["q"] ?? ""; $category = $_GET["category"] ?? "all"; $page = (int)($_GET["page"] ?? 1); if ($searchTerm) { echo "Searching for '$searchTerm' in category '$category', page $page"; } else { echo "Please enter a search term"; } ?> ``` ---