php中PHP 的 $_POST、$HTTP_RAW_POST_DATA 和 php://input有什么不同-PHP源码-php.cn

Home

php教程

PHP源码

php中PHP 的 $_POST、$HTTP_RAW_POST_DATA 和 php://input有什么不同

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 08, 2016 pm 05:19 PM

datanbspphppostraw

$_POST、$HTTP_RAW_POST_DATA 和 php://input都可以接受数据了，那么它们三者的区别到底在哪里呢，我们来看来看这篇文章是如何介绍的。

Mac Pro 电脑编译安装了 PHP 5.6.21，先前的系统运行时报如下警告级错误：
Deprecated: Automatically populating $HTTP_RAW_POST_DATA is deprecated and will be removed in a future version. To avoid this warning set 'always_populate_raw_post_data' to '-1' in php.ini and use the php://input stream instead.

意思是自动变量 $HTTP_RAW_POST_DATA 已过时，将来会被移除，使用 php://input 流方式代替！

总结：区别 PHP 的 $_POST、$HTTP_RAW_POST_DATA 和 php://input

1、HTML

enctype Attribute

application/x-www-form-urlencoded 传送之前所有的字符都会被encoded，（spaces 被转换为+、特殊字符被转换为ASCII HEX）

multipart/form-data 没有字符被encoded，一般用upload
text/plain Spaces被转换为 + ，但是特殊字符不会被encoded
For example, the key-value pairs
name: Jonathan Doe
age: 23
formula: a + b == 13%!
are encoded as the following raw data:
name=Jonathan+Doe&age=23&formula=a+%2B+b+%3D%3D+13%25%21

$_POST

Array

(

[name] => Jonathan Doe

[age] => 23

[formula] => a + b == 13%!

)

$HTTP_RAW_POST_DATA

print_r($GLOBALS['HTTP_RAW_POST_DATA']);

name=Jonathan+Doe&age=23&formula=a+%2B+b+%3D%3D+13%25%21

php://input

$post_data = file_get_contents('php://input');
print_r($post_data);

name=Jonathan+Doe&age=23&formula=a+%2B+b+%3D%3D+13%25%21
name=Jonathan+Doe&age=23&formula=a+%2B+b+%3D%3D+13%25%21

2、$_POST

$_POST是最常用的获取表单的方式，它是以关联数组方式组织提交的数据，并对此进行编码处理，如urldecode，甚至编码转换，识别的数据类型是PHP默认识别的数据类型 application/x-www.form-urlencoded
无法解析如 text/xml，application/json，soap 等非 application/x-www.form-urlencoded 数据类型的内容

3、$HTTP_RAW_POST_DATA

PHP默认识别的数据类型是application/x-www.form-urlencoded，用Content-Type=application/json 类型，提交的POST数据这时候 $_POST 就无法获取到了，但是使用 $GLOBALS['HTTP_RAW_POST_DATA'] 可以获取到。因为在PHP无法识别 Content-Type 的时候，就会把 POST 数据填入到 $HTTP_RAW_POST_DATA 中。
设置 php.ini 中的 always_populate_raw_post_data 值为 On 才会生效
当 $_POST 可以取到值时 $HTTP_RAW_POST_DATA 为空
不能用于 enctype="multipart/form-data"
PHP7中已经移除了这个全局变量，用 php://input 替代，使用 always_populate_raw_post_data 会导致在填充 $HTTP_RAW_POST_DATA 时产生 E_DEPRECATED 错误。请使用 php://input 替代 $HTTP_RAW_POST_DATA，因为它可能在后续的 PHP 版本中被移除。设置always_populate_raw_post_data 为 -1 （这样会强制 $HTTP_RAW_POST_DATA 未定义，所以也不会导致 E_DEPRECATED的错误）来体验新的行为。

4、php://input

php://input 可通过输入流以文件读取方式取得未经处理的 POST 原始数据，允许读取 POST 的原始数据。和 $HTTP_RAW_POST_DATA 比起来，它给内存带来的压力较小。
不需要任何特殊的 php.ini 设置
不能用于 enctype="multipart/form-data"

总结

1、如果是 application/x-www-form-urlencoded 和 multipart/form-data 格式用 $_POST；
2、如果不能获取的时候比如 text/xml、application/json、soap，使用 file_get_contents('php://input')；

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Assassin's Creed Shadows: Seashell Riddle Solution

3 weeks agoByDDD

What's New in Windows 11 KB5054979 & How to Fix Update Issues

2 weeks agoByDDD

Where to find the Crane Control Keycard in Atomfall

3 weeks agoByDDD

Assassin's Creed Shadows - How To Find The Blacksmith And Unlock Weapon And Armour Customisation

1 months agoByDDD

Roblox: Dead Rails - How To Complete Every Challenge

3 weeks agoByDDD

Hot Tools

mPDF

mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),

SecLists

SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.