Server Variables Revisited

You have already encountered the predefined elements that PHP, in conjunction with your server, stores in the superglobal $_SERVER array. Generally, $_SERVER elements are made available to PHP by the server (or the shell if you are running a script from the command line). If you are running Apache, all the elements we discuss will likely be accessible to you. If you are running another server, there is no guarantee that $_SERVER will have been populated with all the elements discussed in this hour, so you should check before using them in scripts. Table 14.1 lists some of the $_SERVER elements you might be able to use to find out more about your visitors (see Table 10.1 for a more complete list of $_SERVER elements).

Table 14.1. Some Useful $_SERVER Elements

Variable	Description
$_SERVER['HTTP_REFERER']	The URL from which the current script was called (the misspelling is deliberate).
$_SERVER['HTTP_USER_AGENT']	Information about the browser and platform the visitor is using.
$_SERVER['REMOTE_ADDR']	The visitor's IP address.
$_SERVER['REMOTE_HOST']	The visitor's hostname.
$_SERVER['QUERY_STRING']	The (encoded) string that can be appended to the URL (in the format ?akey=avalue&anotherkey=anothervalue). These keys and values should become available to your scripts in the $_GET and $_REQUEST superglobal arrays.
$_SERVER['PATH_INFO']	Additional information that can be appended to the URL.

Listing 14.1 builds a script that outputs the contents of these variables to the browser.

Listing 14.1 Listing Some Server Variables

 1: <html>
 2: <head>
 3: <title>Listing 14.1 Listing Some $_Server Elements</title>
 4: </head>
 5: <body>
 6: <?php
 7: $envs = array( "HTTP_REFERER", "HTTP_USER_AGENT", "REMOTE_ADDR",
 8:     "REMOTE_HOST", "QUERY_STRING", "PATH_INFO" );
 9: foreach ( $envs as $env )
10:   print "$env: $_SERVER[$env]<br>";
11: ?>
12: </body>
13: </html>

Figure 14.1 shows the output from Listing 14.1. The data in Figure 14.1 was generated as a result of calling the script from a link in another page. The link that called the script looks like this:

<a href="listing 14.1.php/my_path_info?query_key=query_value">listing 14.1</a>

As you can see, the link uses a relative path to call listing14.1 .php.

Additional path information (my_path_info) is included after the document name, which becomes available in $_SERVER['PATH_INFO'].

We have hard-coded a query string (query_key=query_value) into the link, which becomes available in $_SERVER['QUERY_STRING']. You will most often encounter a query string when using a form with a GET method argument, but you can also build your own query strings to pass information from page to page. The query string consists of name value pairs separated by ampersand symbols (&). These pairs are URL encoded, which means that any characters that are illegal or have other meanings in URLs are converted to their hexadecimal equivalents. Although you have access to the entire query string in the $_SERVER['QUERY_STRING'] superglobal variable, you will rarely need to use this. Each key name is available to you as an element of the $_GET and $_REQUEST arrays ($_GET['query_value'] in our example), and these hold a corresponding decoded value (query_value).

The $_SERVER['HTTP_REFERER'] element can be useful to you if you want to track which hits on your script originate from which links. Beware, though: This and other environment variables can be easily faked. You will see how later in this hour. Because correcting it would cause compatibility problems, we are stuck with the incorrect spelling of 'referrer'. Not all browsers supply this header, so you should avoid relying on it.

You can parse the $_SERVER['HTTP_USER_AGENT'] element to work out the platform and browser the visitor is using. Once again, this can be faked. This element can be useful if you need to present different HTML code or JavaScript according to the browser type and version the visitor is using. Hour 8, "Working with Strings," and Hour 18, "Working with Regular Expressions," give you the tools you need to extract any information you want from this string.

The $_SERVER['REMOTE_ADDR'] element contains the user's IP address and can be used to track unique visitors to your site. Be aware, though, that many Web users do not have a fixed IP address. Instead, their Internet service providers dynamically allocate them an address when they dial up. This means that a single IP address might be used by different visitors to your site and a single visitor might enter using different IP addresses from the same account.

The $_SERVER['REMOTE_HOST'] variable might not be available to you, depending on the configuration of your server. If available, it holds the hostname of the user. The presence of this variable requires that the server look up the hostname for every request, so it is often disabled for the sake of efficiency. If you don't have access to this variable, you can acquire it using the value of the $_SERVER['REMOTE_ADDR'] variable. You will see how to do this later in the hour.