Forgetting for a second that it’s a cardinal sin to set values in $_GET, $_POST or $_REQUEST I’ve found an interesting little thing… or maybe I’m only finding it now because I don’t commit cardinal sins…
After all Zend had a post back in 2002 on the subject.
The guts is that the shorthand, super global, $_GET styled variables are not a true alias of their $HTTP_*_VAR equivalents. Change one and you do not change the other.
I was wanting to hide a string from the ever vigilant Nortons Adblocker which meant changing the name of a GET variable and to then let phpAdsNew do it’s job I had to change it back again. phpAdsNew needed it in the array so I had break the rules there. Initially I set the $_GET variable and couldn’t understand why it wouldn’t work, checked the underlying code and saw that phpAdsNew was using the older, safer variable (although many scripts test for the new and use the old if it’s not available, which is more elegant) and therefore couldn’t see my change.
It was a simple fix but an interesting look behind the scenes.