I want to add a header, to request headers, dynamically on the server side.
I am using slim 2 framework which supports middleware.
Here is my usecase:
Client initiates request to url "https://somedomain.com/login" with some Request Headers.
I have middleware say authenticate. Which should add say "UserAddress" to Request Header.
My callback function login() is called. And I need to access "UserAddress" from header.
So following is the code for this route:
function login() {
//Login related stuff
$allHeaders = apache_request_headers();
//Perform some operation on UserAdress from $allHeaders
}
function authenticate(\Slim\Route $route) {
//Perform authentication here
//I am using SUPERFICIAL method `set_apache_request_headers` as reference.
//Here I need to know how I can add new header to REQUEST HEADER
set_apache_request_headers('UserAdress', 'New York');
//Here is what I tried, which did not work when I called apache_request_headers()
//$_SERVER["UserAdress"] = "New York";
}
$app = getSlimInstance();
$app->post('/login', 'authenticate', login);
I tried using $_SERVER, but when I call apache_request_headers(), my header does not show up.
Side Note:
I am using "UserAddress" as my header for reference purpose. Actually I am using different name.
Also I know you guys will say pass that via request body. But due to legacy code I need this in request header.
I just need to know how can I modify the Request Header
Related
Hi i'm pretty new on create endpoints in php.
Now i have to create a little endpoint to intercept some updates from electronic invoice service.
From admin panel of the service i can specify endpoint url where my application is located.
For example I indicate: www.example.com/api/endpoint/index.php
NOte: If I set only www.example.com/api/endpoint/, panel admin tell me there is an error - page not found
Now in the admin panel I see I can intercept these POST methods:
/createInvoice
/createNotification
But i don't undertand HOW to differentiate there 2 methods...
Actually in my index.php i've:
<?php
function call_create_invoice(
...
);
function call_create_notification(
...
);
header('Content-Type: application/json; charset=utf-8');
var_dump($_POST);
If I use POSTMAN to do some test using POST call, i can correctly see $_POST parameters sent.... but i don't understand how to:
call call_create_invoice function if /createInvoice is called
call call_create_notification function if /createNotification is called
If you would stick to vanilla PHP, you need to parse the request URI to call the desired function like:
$path = $SERVER['REQUEST_URI'];
switch($path) {
case('/createInvoice'):
call_create_invoice();
break;
case('/createNotification'):
call_create_notification();
break;
}
As requirements grow, it may make sense to use a minimal PHP framework with routing functionality, such as Laravel Lumen.
I want to send a request with or without 'Token' as a header.
If request has 'Token' as a header: if the user already has that item, it will return the item with the proper item_id of a specific user (based on its token), otherwise it will return null.
If request doesn't have 'Token' as a header: it will return the item with that item_id
I'm working with Zend Framework and in ItemResource I have this method:
public function fetch($id)
{
}
How can I check if my request has Token as a header or not and implement both cases inside fetch()?
Using Laminas API Tools it depends on wether you 're using a RPC or a REST resource. I will explain which tools the Laminas API Tools give you to evaluate the received header data.
You don 't have to reinvent the wheel, because Laminas API Tools has the received headers already at hand, when you 're in your fetch method.
Representational State Transfer (REST)
Rest resources normally extend the \Laminas\ApiTools\Rest\AbstractResourceListener class. This class listens for \Laminas\ApiTools\Rest\ResourceEvent. Fortunately, this event provides you with a request object that also contains the received header data.
<?php
declare(strict_types=1);
namespace Marcel\V1\Rest\Example;
use Laminas\ApiTools\Rest\AbstractResourceListener;
class ExampleResource extends AbstractResourceListener
{
public function fetch($id)
{
// requesting for an authorization header
$token = $this->getEvent()->getRequest()->getHeader('Authorization', null);
if ($token === null) {
// header was not received
}
}
}
As you can see the ResourceEvent returns a \Laminas\Http\Request instance when calling getRequest(). The request instance already contains all request headers you 've received. Just call getHeader with the given name and as second parameter a default value, which should be returned, when the header was not set. If there is no http_token header, you 'll get null as a result.
Remote Procedure Calls (RPC)
Since RPC requests are handled with a MVC controller class, you can get the request as easy as in a rest resource. Controller classes extend from \Laminas\Mvc\Controller\AbstractActionController, which already contains a request instance.
<?php
declare(strict_types=1);
namespace Marcel\V1\Rpc\Example;
use Laminas\Mvc\Controller\AbstractActionController;
class ExampleController extends AbstractActionController
{
public function exampleAction()
{
$token = $this->getRequest()->getHeader('Authorization', null);
if ($token === null) {
// token was not set
}
}
}
As you can see getting header data in rpc requests is as easy as in resource listeners. The procedure is the same because a request instance is also used here.
Conclusion
There is absolutely no need for coding things, that are already there. Just get the request instance from the event or the abstract controller and retrieve the header you want. Always keep in mind, that there are security aspects like CRLF injections, when dealing with raw data. The Laminas framework handles all this for you already.
Additionally you can check for all received headers by calling ->getHeaders() instead of ->getHeader($name, $default). You 'll get a \Laminas\Http\Header instance with all received headers.
You can get all HTTP header values by getallheaders() or just get the specific value by $_SERVER['HTTP_XXX'], in your case, replace XXX with Token, $_SERVER['HTTP_Token'].
Manual: https://www.php.net/manual/en/reserved.variables.server.php
public function fetch($id)
{
$token = $_SERVER['HTTP_Token'];
// do your busniess code
}
Im developing a shopify public application using Official Shopify Php API Library and Codeigniter4. I registered for Product update Webhook in shopify which send response to one of my codeigniter controller.
The problem is after processing the request I see empty header values as follows:
{"Host":{},"User-Agent":{},"Content-Length":{},"Accept":{},"Accept-Encoding":{},"Content-Type":{},"X-Forwarded-For":{},"X-Forwarded-Proto":{},"X-Shopify-Api-Version":{},"X-Shopify-Hmac-Sha256":{},"X-Shopify-Product-Id":{},"X-Shopify-Shop-Domain":{},"X-Shopify-Topic":{},"X-Shopify-Webhook-Id":{}}
the controller is:
class ProdHook Extends Controller{
public function index(){
$headers = $this->request->headers();
print_r($headers);
}
}
The $this->trequest->headers() is returns empty header values. But when I replace this with native php function getallheaders(), I can get all header values without any issues. The output of getallheaders() is :
{"Host":"e703.ngrok.io","User-Agent":"Faraday v1.8.0","Content-Length":"2132","Accept":"/","Accept-Encoding":"gzip;q=1.0,deflate;q=0.6,identity;q=0.3","Content-Type":"application/json","X-Forwarded-For":"34.xx.xxx.11","X-Forwarded-Proto":"https","X-Shopify-Api-Version":"2021-10","X-Shopify-Hmac-Sha256":"xxxxxxxx","X-Shopify-Product-Id":"78803xxxxxx922","X-Shopify-Shop-Domain":"xxxxx.myshopify.com","X-Shopify-Topic":"products/update","X-Shopify-Webhook-Id":"uasdhxxxxx-b30c-fdc6e6865609"}
I don't how to fix this issue. I want to stick with native codeigniter4. Thanks in advance.
Retrieving Headers
You can get access to any header that was sent with the request with
the headers() method, which returns an array of all headers, with
the key as the name of the header, and the value is an instance of
CodeIgniter\HTTP\Header:
$headers = $this->request->headers();
array_walk($headers, function(&$value, $key) {
$value = $value->getValue();
});
print_r($headers);
I would like to remove a specific cookie in a Guzzle response object.
My application uses Slim framework and I make calls to an API with Guzzle. Both Slim and Guzzle implement the Request and Response Interface (Psr7) so I can easily return a Guzzle response in a Slim controller like this :
class APIController {
public function call($request, $response) {
// Do stuff with $request (check body and params, change url, etc)
$client = new \GuzzleHttp\Client();
$response = $client->send($request, []);
return $response;
}
}
Everything works fine but the API returns a cookie I want to remove. I can remove the whole header with :
$response = $response->withoutHeader('Set-Cookie');
Is there a native way in Guzzle to remove a specific cookie by name instead of removing the whole header ?
I have a controller, that when request is Post, it gets the request, and from there I get REMOTE_ADDR, and REQUEST_TIME. The code works just fine, I get that information that I need.
However, I am writing an integration test for the entire flow of my web app, and when I send the request, I get Call to undefined method Zend\Http\Request::getServer() when it gets to that point of my action in the controller.
$server = $this->getRequest()->getServer();
$remoteAddr = $server['REMOTE_ADDR'];
$timestamp = $server['REQUEST_TIME'];
When I do
$request = $this->getRequest();
and look at $request, it has method, uri, queryParams, postParams, fileParams, version, headers, metadata and content.
postData has everything I'm sending via my test, but it crashes when it gets to the point of getting the server.
Any ideas?
Thank you.
The request class your application is using is Zend\Http\PhpEnvironment\Request, which extends Zend\Http\Request with some PHP-specific stuff like getServer(). Change your test to use that and it should work fine.