In a php script (foo.php), I include a file (db_connection.php) that contains the db connect info.

I call a SELECT statement through a function in the foo.php file. Instead of passing the db connect variable to the function, is it ok to use the global keyword for the db connect in the function itself? or would this create a security issue?

Is it safer to pass a variable as opposed to using the global keyword?

eg:

// Contents of foo.php
require (db_connection.php)
require (select.php)

$get_contents = get_contents($ID);

// end foo.php

// contents of select.php
function get_contents ($ID)
{
global $db_connect_var;

// execute select statement
}

// end select.php