Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:50894
Return-Path: <jmertic@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 64022 invoked from network); 7 Dec 2010 12:11:22 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 7 Dec 2010 12:11:22 -0000
Authentication-Results: pb1.pair.com smtp.mail=jmertic@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=jmertic@gmail.com; sender-id=pass; domainkeys=bad
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 74.125.82.170 as permitted sender)
DomainKey-Status: bad
X-DomainKeys: Ecelerity dk_validate implementing draft-delany-domainkeys-base-01
X-PHP-List-Original-Sender: jmertic@gmail.com
X-Host-Fingerprint: 74.125.82.170 mail-wy0-f170.google.com  
Received: from [74.125.82.170] ([74.125.82.170:57863] helo=mail-wy0-f170.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id BF/63-40992-7642EFC4 for <internals@lists.php.net>; Tue, 07 Dec 2010 07:11:21 -0500
Received: by wyb39 with SMTP id 39so5276300wyb.29
        for <internals@lists.php.net>; Tue, 07 Dec 2010 04:11:17 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:received:sender:received
         :in-reply-to:references:date:x-google-sender-auth:message-id:subject
         :from:to:cc:content-type;
        bh=qzvUQUinbgkbiVFWgCdlQqec3hh75rbi53FaCw8STk4=;
        b=k9Ez92xyEFh+kKaorZFUFHEaEwHnjKjKpJmr2BB3IDFgq7Ky2xK+rqP65oIxoChC06
         /PLQSAtBG/gmqHR3wAdetuSPQBFgRr5HdZ7y+FQ5LZVHfJxqOj9sYg7VO/zP15uegc7e
         nMwr7LpVV7N/pHFNx/mwlhazAVaCqWcUb3lSs=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:sender:in-reply-to:references:date
         :x-google-sender-auth:message-id:subject:from:to:cc:content-type;
        b=cJ26dWWaDGvAo9BdBLMiG0cyUKqEJ9oS6fpSULhrzdp95jGfFXnWTuGBF8shxenAJq
         xC7e1O/4joaV/zfdFEsKVeW5kV+bkewiQgppHrYFXsgtSMB5l9w28lR8/jgARfAgoqfs
         PyHsfjqYutR3kfJ4DRF6wc+A1Ue6MME4+leCM=
MIME-Version: 1.0
Received: by 10.227.2.71 with SMTP id 7mr7149603wbi.61.1291723876912; Tue, 07
 Dec 2010 04:11:16 -0800 (PST)
Sender: jmertic@gmail.com
Received: by 10.227.152.210 with HTTP; Tue, 7 Dec 2010 04:11:16 -0800 (PST)
In-Reply-To: <AANLkTikqF1izW8Xr_HHt_Rcqqh74wT1Jy9Qm3K=TXPRz@mail.gmail.com>
References: <op.vnb0shjiidpuyk@damnation.dulce.lo.geleia.net>
	<AANLkTikqF1izW8Xr_HHt_Rcqqh74wT1Jy9Qm3K=TXPRz@mail.gmail.com>
Date: Tue, 7 Dec 2010 07:11:16 -0500
X-Google-Sender-Auth: eGJOaA35YdHMPFVslPc3QrDmllc
Message-ID: <AANLkTikthQnmj0z6wbbdMzeKq2NAfKu0fWFQyCaY9WeY@mail.gmail.com>
To: RQuadling@googlemail.com
Cc: Gustavo Lopes <glopes@nebm.ist.utl.pt>, 
	"internals@lists.php.net" <internals@lists.php.net>
Content-Type: text/plain; charset=UTF-8
Subject: Re: [PHP-DEV] [PATCH] Add option to disable POST data processing
From: jmertic@php.net (John Mertic)

On Tue, Dec 7, 2010 at 6:40 AM, Richard Quadling <rquadling@gmail.com> wrote:
> On 7 December 2010 07:08, Gustavo Lopes <glopes@nebm.ist.utl.pt> wrote:
>> The very simple attached patch adds an option to disable POST data
>> processing, which implies the data can only be read in a stream fashion
>> through php://input.
>>
>> As far as I know, PHP offers no way to inhibit processing RFC 1867 data and
>> one has to use very hacky means to accomplish that. This is often required
>> (or at least convenient) in order to, e.g., proxy requests or handle file
>> uploads in memory.
>>
>> For other types of requests, the default processing of POST data may also be
>> a problem. Take a non-application/x-www-form-urlencoded POST requests (say,
>> some kind of RPC with a big XML payload) -- PHP is very memory inefficient
>> as it will hold the whole POST data into memory and duplicate it twice (from
>> SG(request_info).post_data to $HTTP_RAW_POST_DATA -- even if
>> always_populate_raw_post_data=0 -- and SG(request_info).raw_post_data).
>>
>> This introduces a new ini setting, disable_post_data_processing, but it's a
>> benign one. No incompatibilities between setups will arise because no one
>> will enable it globally (it would be insane), only selectively to the
>> scripts that require it. The reason for an ini setting is that it must be
>> set early in the request life.
>>
>> Thoughts?
>>
>> --
>> Gustavo Lopes
>> --
>> PHP Internals - PHP Runtime Development Mailing List
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>
> As I understand things, the super globals are already populated by the
> time the script starts execution.
>
> So, ini_set() will have no impact.
>
> Can you set an ini option for a single script via some other method?
>

Maybe thru an .htaccess file? That should work.

Otherwise, +1 for the patch from me.

John Mertic
jmertic@gmail.com | http://jmertic.wordpress.com