这被称为注册全局变量。如果服务器注册全局变量，那么你可以这样做。

我建议不要在任何服务器上注册全局变量。因为它可能会在系统中引入安全漏洞。

一个安全漏洞的例子。

 if（$ auth == true）
 {
 //敏感的东西在这里
} 

如果auth只是一个常规变量，那么我可以在URL中执行此操作。

http://www.example.com/page.php?auth=true

并查看敏感信息。

I've been doing PHP for a while now, never needed assistance, but totally confused this time. I have a single line of code with one echo statement.

Problem: URL parameters are automatically assuming PHP variable values of the same name. For example, I have a URL with a parameter named 'var_name' like this:

http://www.example.com?var_name=abc123

and a 1-line PHP script with a variable named 'var_name', like this:

echo $var_name;

then I get output on the page of: abc123

This is the only code in the PHP page! This behavior is exactly how I expect $_GET to work, but I'm not using it.

I am having this problem only on 1 specific server, which is running PHP 5.2. I have tested on 4 other servers, none have this behavior. I assume it's a PHP config issue, but running default config and can't find anything in config documention. Please help.

Thanks in advance. Matt-

This is called register globals. If a server has register globals turned on, then you can do this.

I would recommend not to have register globals on any server. Since it can introduce a security flaw in your system.

An example of a security flaw with this.

if($auth == true)
{
    // sensitive stuff here
}

If auth is just a regular variable, then I can do this in the URL.

http://www.example.com/page.php?auth=true

And see the sensitive information.