You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Pretty much all individual elements of superglobal arrays can be written to. E.g. $_GET['a'] = "b", $_SERVER["whatever"] = "flies" etc - basically monkey-patching them to work around code that uses superglobals. Replacing entire superglobal is also occasionally useful - e.g. unset($_GET) to force people to use PSR request instead. None of these changed in 8.1.
An option to flag superglobal access (both read and write) would be useful, but this issue is not about that.
https://wiki.php.net/rfc/restrict_globals_usage
Psalm should warn whenever
$GLOBALS
as a whole could be modified.The text was updated successfully, but these errors were encountered: