Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:78855 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 82744 invoked from network); 9 Nov 2014 15:11:40 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 9 Nov 2014 15:11:40 -0000 Authentication-Results: pb1.pair.com header.from=rowan.collins@gmail.com; sender-id=pass Authentication-Results: pb1.pair.com smtp.mail=rowan.collins@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.212.173 as permitted sender) X-PHP-List-Original-Sender: rowan.collins@gmail.com X-Host-Fingerprint: 209.85.212.173 mail-wi0-f173.google.com Received: from [209.85.212.173] ([209.85.212.173:42441] helo=mail-wi0-f173.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id AC/80-05117-B248F545 for ; Sun, 09 Nov 2014 10:11:40 -0500 Received: by mail-wi0-f173.google.com with SMTP id n3so8342196wiv.6 for ; Sun, 09 Nov 2014 07:11:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=user-agent:in-reply-to:references:mime-version :content-transfer-encoding:content-type:subject:from:date:to :message-id; bh=PNUeLPx8PXEW9STpg8+/OwbXvfyktJLrakS9mEJt3YA=; b=fTL1eM8ldAlPS2/8EJyp0Tp6aUP4lIQdCgEKdCeMtlwN0BbjmLrChXg+izMSpXDOjS Z8tXm0z3peB33zJEq8r9MxxQ+pkD++ARPARiSwobYOsea5Xc0LqVdu2elvo/nxRg9Bmc 7j9veR9NgkSohi2EK/o84dwzjXDuIP5QWd1m2Kwuv65wQs3c7KEGA5QNO33QumGprAi0 3SpAUE6D6UUg3mtNGVfTd5TQHga6nmbs1vKtuSPUrseAv5xpLsL6eHqO9wbKPwb6UFDN HqvJ/EkgREgzpAQRLfl2U659kK7sZB4CGwKMREi69KkCyGSQEqtmdlUVKmyyFuCc3sv3 6Xgg== X-Received: by 10.194.143.7 with SMTP id sa7mr35261570wjb.110.1415545896425; Sun, 09 Nov 2014 07:11:36 -0800 (PST) Received: from [192.168.0.3] (cpc68956-brig15-2-0-cust215.3-3.cable.virginm.net. [82.6.24.216]) by mx.google.com with ESMTPSA id rx8sm19482378wjb.30.2014.11.09.07.11.35 for (version=TLSv1.2 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sun, 09 Nov 2014 07:11:35 -0800 (PST) User-Agent: K-9 Mail for Android In-Reply-To: <1DDB6E05-3143-4A74-8B13-AF85222579BA@ajf.me> References: <1DDB6E05-3143-4A74-8B13-AF85222579BA@ajf.me> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 Date: Sun, 09 Nov 2014 15:10:31 +0000 To: PHP Internals Message-ID: Subject: Re: [PHP-DEV] New Standardized HTTP Interface From: rowan.collins@gmail.com (Rowan Collins) On 6 November 2014 00:31:18 GMT, Andrea Faulds wrote: > >> On 5 Nov 2014, at 22:29, Sherif Ramadan >wrote: >> >> From all the people I've spoken with that have a problem with >handling PUT >> requests in PHP, it seems that they'd rather have PHP populate >> $_FILES/$_POST automatically in this case. Which would be relatively >easy >> to do by modifying the default post reader function in the SAPI >> http://lxr.php.net/xref/PHP_5_6/main/php_content_types.c#51 however, >that >> is itself a small BC break. >> >> Does anyone have any recommendations on what they think the best >approach >> is? I'd appreciate any feedback/suggestions/constructive-criticism. >Thanks! > >I don’t think auto-populating for PUT/DELETE etc. is a good idea, >they’re quite different semantically. If I send a DELETE request to >code expecting a POST, and PHP pretends it’s a POST request, that’s >bad. > >However, I think the solution is simple: Add a function to do >multipart/form-data parsing. Not a suite of functions, not a class, >just one simple function. That way, for the few people that need it, >they can do $_POST = >multipart_form_data_parse(file_get_contents(‘php://input')); and their >problem’s solved. I haven't caught up with every post in this thread, but I think this is actually the cleanest approach - functions which expose, or behave identically to, the parsing done to populate $_POST and $_FILE A few weeks back, there was a discussion about supporting a particular binary serialisation format (I forget the name), and it occurred to me that we could have a framework for switching between various encodings, perhaps a bit like ext/filter. For the current case, you might write something like $_POST = decode_from_string(file_get_contents('php://input'), ENC_MULTIPART_FORM_DATA) It could provide a much-needed decoder for session serialisation (without the awkward side effects of session_decode()), and expose an interface for other extensions to register formats. This would be great for REST applications, because they could pass the incoming content type header to switch() and select a format (and perhaps some optional flags) to pass to the generic decoder. The actual detail of expected formats, preferred flags, and the destination of the parsed data would be in the PHP application, where it can be easily tweaked, while the hard work of reading through the bytes, which users shouldn't need to modify anyway, would be left to C code. All without the behaviour of the SAPIs themselves having to change at all, as long as php://input is correctly populated. Regards, -- Rowan Collins [IMSoP]