PHP Velho Oeste 2024


(PHP 4 >= 4.1.0, PHP 5, PHP 7, PHP 8)

$_GETHTTP GET variables


An associative array of variables passed to the current script via the URL parameters (aka. query string). Note that the array is not only populated for GET requests, but rather for all requests with a query string.


Example #1 $_GET example

echo 'Hello ' . htmlspecialchars($_GET["name"]) . '!';

Assuming the user entered

The above example will output something similar to:

Hello Hannes!



This is a 'superglobal', or automatic global, variable. This simply means that it is available in all scopes throughout a script. There is no need to do global $variable; to access it within functions or methods.


The GET variables are passed through urldecode().

add a note add a note

User Contributed Notes 2 notes

2 years ago
If you're tired of typing $var = $_GET['var'] to get variables, don't forget that you can also use:

extract($_GET, EXTR_PREFIX_ALL, "g")

So if you have $_GET['under'], you can do $g_under. It's way shorter if you have more get elements! If you don't want prefix, do


to get normal. So $_GET['under'] would become $under. Might not extract under if it already exists, however.
An Anonymous User
2 years ago
// It is important to sanitize
// input! Otherwise, a bad actor
// could enter '<script src="evilscript.js"></script>'
// in a URL parameter. Assuming you echo it, this
// would inject scripts in an XSS attack.
// The solution:
$NAME = $_GET['NAME'];
// Bad:
echo $NAME;
// that one is vulnerable to XSS
// Good:
echo htmlspecialchars($NAME);
// Sanitizes input thoroughly.
To Top