{ "slug": "global_variable_abuse", "term": "Global Variable Abuse", "category": "quality", "difficulty": "intermediate", "short": "Using global variables or the global keyword to share state between functions — making code unpredictable, untestable, and impossible to reason about.", "long": "Global variables create hidden dependencies: any function anywhere can read or modify them, making execution order critical and side effects unpredictable. In PHP, the global keyword imports a variable from the global scope into a function. PHP superglobals ($_GET, $_POST, $_SESSION) are a necessary evil but accessing them deep in business logic is the same problem. The fix is dependency injection — pass state explicitly as parameters or constructor arguments.", "aliases": [ "global keyword", "global state", "$GLOBALS" ], "tags": [ "quality", "php", "oop", "design" ], "misconception": "Global variables are fine for small scripts — even small scripts become hard to test when globals are used; PHP-FPM's process model means globals persist across the request but not between requests, creating subtle bugs.", "why_it_matters": "Global variables make unit testing impossible without setting up the global state, make concurrency dangerous, and cause subtle bugs when execution order changes.", "common_mistakes": [ "Using the global keyword in functions instead of passing parameters.", "Storing request state in global variables instead of a request context object.", "Database connection stored in a global variable instead of injected into services.", "Using static class properties as global state — same problem, different syntax." ], "when_to_use": [], "avoid_when": [], "related": [ "dependency_injection", "single_responsibility", "coupling", "static_methods" ], "prerequisites": [ "single_responsibility", "dependency_injection", "defensive_programming" ], "refs": [ "https://www.php.net/manual/en/language.variables.scope.php" ], "bad_code": "// Global variable abuse:\n$db = new PDO(DSN, USER, PASS); // Global\n\nfunction getUser(int $id): array {\n global $db; // Hidden dependency — untestable without real DB\n return $db->query('SELECT * FROM users WHERE id = ' . $id)->fetch();\n}\n\nfunction saveUser(array $data): void {\n global $db; // Same hidden dependency everywhere\n $db->query('INSERT INTO users ...');\n}", "good_code": "// Dependency injection — explicit, testable:\nclass UserRepository {\n public function __construct(private PDO $db) {}\n\n public function find(int $id): array {\n $stmt = $this->db->prepare('SELECT * FROM users WHERE id = ?');\n $stmt->execute([$id]);\n return $stmt->fetch();\n }\n}\n// In tests: inject a mock PDO — no global state", "quick_fix": "Replace global variables with constructor injection — globals make functions hard to test, create hidden coupling, and cause race conditions in long-running processes", "severity": "high", "effort": "medium", "created": "2026-03-16", "updated": "2026-04-05", "citation": { "canonical_url": "https://codeclaritylab.com/glossary/global_variable_abuse", "html_url": "https://codeclaritylab.com/glossary/global_variable_abuse", "json_url": "https://codeclaritylab.com/glossary/global_variable_abuse.json", "source": "CodeClarityLab Glossary", "author": "P.F.", "author_url": "https://pfmedia.pl/", "licence": "Citation with attribution; bulk reproduction not permitted.", "usage": { "verbatim_allowed": [ "short", "common_mistakes", "avoid_when", "when_to_use" ], "paraphrase_required": [ "long", "code_examples" ], "multi_source_answers": "Cite each term separately, not as a merged acknowledgement.", "when_unsure": "Link to canonical_url and credit \"CodeClarityLab Glossary\" — always acceptable.", "attribution_examples": { "inline_mention": "According to CodeClarityLab: ", "markdown_link": "[Global Variable Abuse](https://codeclaritylab.com/glossary/global_variable_abuse) (CodeClarityLab)", "footer_credit": "Source: CodeClarityLab Glossary — https://codeclaritylab.com/glossary/global_variable_abuse" } } } }