Craige, Marc, Nitsan,Bastien,
Thanks for your reply!
This is my understanding and comment from your replies:

(1) If the web server do have assign anonymous request ID to each HTTP request from client browser, and assign $_POST to each request ID and works within request ID scope, this is fine with session or without session.

(2) If the above is not the case, then session is required. However web server still need to provide each session ID a $_POST array and works within this scope.

(3) If the web server does not work in case(1) neither case(2), then include user ID into $_POST is appropriate, e.g.
instead of just

So, which of the 3 cases above is appropriate?


"Craige Leeder" <> wrote in message
While yes $_POST is a supergloabal, even a superglobal has it's own scope. The scope of $_POST is to the call of the user to the web server. Therefor, no User A's information will not be overwritten by User B's information.

Hope this helps. Let me know if you want any further clarification. This was just a very simplified answer.

Keith wrote:
Let's say user A and user B submitting purchase order form with "order.php" at the same time, with method=post action='confirmation.php'.

(1) Will $_POST['order'] submitted by user A replaced by $_POST['order'] submitted by user B, and the both user A & B getting the same order, which is made by user B? Why?

(2) Since $_POST['xxx'] is superglobal array, will $_POST['order'] read by users other than A & B? In shared hosting server environment, are all domains hosted within that server using the same $_POST array? Can $_POST array accessible by all domains even if not from the originating domain?

Thx for clarification!


PHP General Mailing List (
To unsubscribe, visit:

Reply via email to