NotionCommotion Posted September 23, 2016 Share Posted September 23, 2016 (edited) I have two curl requests. One works fine and the other causes an error. -sh-4.1$ curl -X POST --header 'Accept: application/json' --header 'api_key: main_key' -d '{ "property_one": "string", "property_two": "string" }' 'http://test.example.com/1.0/test' {"post":{"{_\"property_one\":_\"string\",_\"property_two\":_\"string\"_}":""}} -sh-4.1$ curl -X POST --header 'Content-Type: application/json' -d '{ "property_one": "string", "property_two": "string" }' 'http://test.example.com/1.0/test' <br /> <b>Deprecated</b>: Automatically populating $HTTP_RAW_POST_DATA is deprecated and will be removed in a future version. To avoid this warning set 'always_populate_raw_post_data' to '-1' in php.ini and use the php://input stream instead. in <b>Unknown</b> on line <b>0</b><br /> <br /> <b>Warning</b>: Cannot modify header information - headers already sent in <b>Unknown</b> on line <b>0</b><br /> {"post":[]}<br /> Per http://php.net/manual/en/migration56.deprecated.php#migration56.deprecated.raw-post-data: $HTTP_RAW_POST_DATA and always_populate_raw_post_data ¶always_populate_raw_post_data will now generate an E_DEPRECATED error when $HTTP_RAW_POST_DATA is populated. New code should use php://input instead of $HTTP_RAW_POST_DATA, which will be removed in a future release. You can opt in for the new behaviour (in which $HTTP_RAW_POST_DATA is never defined hence no E_DEPRECATED error will be generated) by setting always_populate_raw_post_data to -1. How and where am I automatically populating $HTTP_RAW_POST_DATA? EDIT. I just changed my php.ini file and set always_populate_raw_post_data=-1, and now don't get the error, but PHP doesn't receive the POST data. I am obviously doing something wrong by setting the content type header and passing post data. Please advise. Edited September 23, 2016 by NotionCommotion Quote Link to comment Share on other sites More sharing options...
requinix Posted September 23, 2016 Share Posted September 23, 2016 Set the value to -1 (as you did) and use file_get_contents("php://input") instead of $HTTP_RAW_POST_DATA. Quote Link to comment Share on other sites More sharing options...
NotionCommotion Posted September 23, 2016 Author Share Posted September 23, 2016 Set the value to -1 (as you did) and use file_get_contents("php://input") instead of $HTTP_RAW_POST_DATA. I searched for the term HTTP_RAW_POST_DATA in all my script, and it doesn't exist. Quote Link to comment Share on other sites More sharing options...
kicken Posted September 23, 2016 Share Posted September 23, 2016 Maybe some library you are using is making use of the variable. Quote Link to comment Share on other sites More sharing options...
NotionCommotion Posted September 24, 2016 Author Share Posted September 24, 2016 Maybe some library you are using is making use of the variable. grep -rnw . -e "HTTP_RAW_POST_DATA" doesn't show anything. You feel confident that I must be somehow using it, and should look deeper? Recommendations where to look? Thanks Quote Link to comment Share on other sites More sharing options...
requinix Posted September 24, 2016 Share Posted September 24, 2016 At the very least errors attributed to Unknown:0 are often bugs in and of themselves for not giving accurate or usable information. Taking that mentality, the first step is reproducing the bug with a minimal test case. Is that possible? What kind of application are you using? Can you debug through it to at least find out when the error messages are being outputted? Quote Link to comment Share on other sites More sharing options...
NotionCommotion Posted September 24, 2016 Author Share Posted September 24, 2016 Thanks Requinix, By the way, I am using PHP 5.6.25. This is about as minimal as I can get. The headers might not have anything to do with it. Maybe I am not passing JSON, but passing a form with what I thought was JSON in it? Still have a hard time grasping what is happening, and would appreciate any insight. My purpose is to allow cross domain posts, and the headers came from swagger's documentation. I am thinking of getting rid of them, and just adding Header set Access-Control-Allow-Origin "*" to httpd.conf. always_populate_raw_post_data set to default (0?) -sh-4.1$ curl -X POST --header 'Accept: application/json' --header 'api_key: main_key' -d '{ "property_one": "string", "property_two": "string" }' 'http://test.example.com/headertest_no_set_headers.php' array(1) { ["{_"property_one":_"string",_"property_two":_"string"_}"]=> string(0) "" } -sh-4.1$ curl -X POST --header 'Content-Type: application/json' -d '{ "property_one": "string", "property_two": "string" }' 'http://test.example.com/headertest_no_set_headers.php' <br /> <b>Deprecated</b>: Automatically populating $HTTP_RAW_POST_DATA is deprecated and will be removed in a future version. To avoid this warning set 'always_populate_raw_post_data' to '-1' in php.ini and use the php://input stream instead. in <b>Unknown</b> on line <b>0</b><br /> <br /> <b>Warning</b>: Cannot modify header information - headers already sent in <b>Unknown</b> on line <b>0</b><br /> array(0) { } -sh-4.1$ curl -X POST --header 'Accept: application/json' --header 'api_key: main_key' -d '{ "property_one": "string", "property_two": "string" }' 'http://test.example.com/headertest_set_headers.php' array(1) { ["{_"property_one":_"string",_"property_two":_"string"_}"]=> string(0) "" } -sh-4.1$ curl -X POST --header 'Content-Type: application/json' -d '{ "property_one": "string", "property_two": "string" }' 'http://test.example.com/headertest_set_headers.php' <br /> <b>Deprecated</b>: Automatically populating $HTTP_RAW_POST_DATA is deprecated and will be removed in a future version. To avoid this warning set 'always_populate_raw_post_data' to '-1' in php.ini and use the php://input stream instead. in <b>Unknown</b> on line <b>0</b><br /> <br /> <b>Warning</b>: Cannot modify header information - headers already sent in <b>Unknown</b> on line <b>0</b><br /> <br /> <b>Warning</b>: Cannot modify header information - headers already sent in <b>/var/www/test/src/public/headertest_set_headers.php</b> on line <b>3</b><br /> <br /> <b>Warning</b>: Cannot modify header information - headers already sent in <b>/var/www/test/src/public/headertest_set_headers.php</b> on line <b>4</b><br /> <br /> <b>Warning</b>: Cannot modify header information - headers already sent in <b>/var/www/test/src/public/headertest_set_headers.php</b> on line <b>5</b><br /> array(0) { } always_populate_raw_post_data set to -1 -sh-4.1$ curl -X POST --header 'Accept: application/json' --header 'api_key: main_key' -d '{ "property_one": "string", "property_two": "string" }' 'http://test.example.com/headertest_no_set_headers.php' array(1) { ["{_"property_one":_"string",_"property_two":_"string"_}"]=> string(0) "" } -sh-4.1$ curl -X POST --header 'Content-Type: application/json' -d '{ "property_one": "string", "property_two": "string" }' 'http://test.example.com/headertest_no_set_headers.php' array(0) { } -sh-4.1$ curl -X POST --header 'Accept: application/json' --header 'api_key: main_key' -d '{ "property_one": "string", "property_two": "string" }' 'http://test.example.com/headertest_set_headers.php' array(1) { ["{_"property_one":_"string",_"property_two":_"string"_}"]=> string(0) "" } -sh-4.1$ curl -X POST --header 'Content-Type: application/json' -d '{ "property_one": "string", "property_two": "string" }' 'http://test.example.com/headertest_set_headers.php' array(0) { } -sh-4.1$ <?php //headertest_set_headers.php header('Access-Control-Allow-Origin: http://swagger-ui.badobe.com'); header('Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Origin, Authorization'); header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS'); var_dump($_REQUEST); exit; <?php //headertest_no_set_headers.php var_dump($_REQUEST); exit; Quote Link to comment Share on other sites More sharing options...
requinix Posted September 24, 2016 Share Posted September 24, 2016 Ah. 1. You need to set the Content-Type in the request if you are passing any kind of data. If you don't then it seems PHP assumes application/x-www-form-urlencoded, which is why $_REQUEST gets that odd-looking value. If you set a Content-Type that PHP is not familiar with (basically neither that one or multipart/form-data) then PHP will take a different path of interpreting the body and not really do anything. However that path triggers code which deals with the $HTTP_RAW_POST_DATA stuff - not necessarily the variable itself but logic related to it. 2. $_REQUEST only works for application/x-www-form-urlencoded and multipart/form-data. Because those are key/value pairs that fit well into the $_REQUEST array. When you specify application/json content then $_REQUEST will not be filled and you need to use php://input to get the raw JSON. Your code should be like if ($_SERVER["REQUEST_METHOD"] == "POST") { if (stricmp($_SERVER["CONTENT_TYPE"], "application/json") == 0) { $json = @json_decode(file_get_contents("php://input")); } else { // maybe accept other formats } } else { // ? } Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.