Menu
According to php manual nor php://input neither $HTTP_RAW_POST_DATA work with multipart/form-data POST-requests.
"php://input allows you to read raw POST data. It is a less memory intensive alternative to $HTTP_RAW_POST_DATA and does not need any special php.ini directives. php://input is not available with enctype="multipart/form-data"."
How can I get raw data for multipart/form-data forms?
294
The preferred method for accessing the raw POST data is php://input . $HTTP_RAW_POST_DATA is not available with enctype="multipart/form-data" . This feature was DEPRECATED in PHP 5.6. 0, and REMOVED as of PHP 7.0.
If the data is in another format, such as JSON, or if the data doesn't conform to PHP's quirks (such as the rules for having [] on the end of keys with the same name) then you might want to access the data directly so you can parse it yourself. That is the raw POST data.
PHP $_POST is a PHP super global variable which is used to collect form data after submitting an HTML form with method="post". $_POST is also widely used to pass variables.
PHP Reading Request Data Reading raw POST data Usually data sent in a POST request is structured key/value pairs with a MIME type of application/x-www-form-urlencoded . However many applications such as web services require raw data, often in XML or JSON format, to be sent instead.
Direct answer: you can not do that. PHP insists on parsing it itself, whenever it sees the multipart/form-data Content-Type. The raw data will not be available to you. Sadly. But you can hack around it.
I hit a similar problem, a partner was sending incorrectly formatted data as multipart/form-data, PHP could not parse it and was not giving it out so I could parse it myself.
The solution? I added this to my apache conf:
<Location "/backend/XXX.php"> SetEnvIf Content-Type ^(multipart/form-data)(.*) NEW_CONTENT_TYPE=multipart/form-data-alternate$2 OLD_CONTENT_TYPE=$1$2 RequestHeader set Content-Type %{NEW_CONTENT_TYPE}e env=NEW_CONTENT_TYPE </Location> This will change the Content-Type of incoming request to XXX.php from multipart/form-data to multipart/form-data-alternate, which is enough to block PHP from trying to parse it
After this you can finally read the whole raw data from php://input and parse it yourself.
It is ugly, but I have not found a better or in fact any other solution - short of asking the partner to fix their side.
NB! When you do what I described here, $_FILES will be empty.
93
You can set enable_post_data_reading = Off and PHP won't intercept multipart/form-data data.
Requires: PHP 5.4
38
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
