I have an app that sends a request to my server, you can see the code below:
Method: POST
multipart/form-data; boundary=—————————14737809831466499882746641449
Content-Type Content-Disposition: form-data; name=\'Stackoverflow\'; filename=\'.%#\'\r\n
Content-Type: application/octet-stream\r\n\r\n
This request works and I receive a real request in my PHP Server, the problem is that I am not knowing catch these values with PHP, since the commands $_GET['name'] and $_POST['name'] are not working.
How can I handle this parameters?
This is not much to solve the Problem.
Are you opening the site like that: http://www.example.com/index.php?getvar=test
or like that: http://www.example.com/index.php
?
in the second case it can't get an $_GET value because there is no variable
in the first case try to check if the variable exists like that: if(isset($_GET['getvar']))
and check if the $_POST variable exists before using it.
if not you should look over your code and correct your mistakes.
If you need more help please post the php code in here.
you should look into $_FILES['filename'] ('filename' is name of parameter containing file), there will be info about uploaded file.
it contains array, from which you probably want 'tmp_name' key ($_FILES['filename']['tmp_name']), which contains temporary location of stored file. This temporary file will be deleted after the end of request, so you will want to move it elswhere.
not sure if docs are helpful in this situation, but there they are:
http://php.net/manual/en/reserved.variables.files.php
Related
How does one access and receive back a variable from a PHP file with a HTTP Request?
I have gotten a HTTP Request to connect to my .PHP file. What I wanted to do next is for example reference that I want to receive $testvariable = 1; back but I have no idea where to begin. The HTTP parameters don't really let me reference this $testvariable directly.
What if the PHP file has simply one function and at the end of it it does a return $testvariable;? Would HTTP receive back this one variable? What if I need more than one. Maybe try and get the PHP to place parameters in the URL and the HTTP reads those parameters in the url? Maybe these "headers" are key to this...
I figured it out. HTTP Request gets back ALL that is on your HTML page. It seems like it ignores <html><body> tags but everything else in the body gets taken back at your response. Even if your answer is " 1 " but you have a single space around it your response is 1 including blank spaces. You need a clean "1".
Passing variables works by using the contents field. You place your values and assign them to a string like number= that then gets posted on the page. When a page is loaded, it can look for a variable under the same name like $test = $_POST['number']; and take the value within that variable and use it further where it needs to on your page.
I am using an email template that is included using file_get_contents in my email script file.
The data from my contactform is posted to that email script. I would like to display the posted data inside the template layout. I can't echo the variables containing the posted data in the template file, so how would I do this?
file_get_contents only returns the text if I'm correct so it doesn't recognize variables right?
Actually you CAN turn the file you request with file_get_contents into a PHP file to echo your data. You need to use GET variables when you request the file with file_get_contents example:
file_get_contents('http://somedomain.com/somefile.php?name=yourname');
After you do that, the requested PHP file gets executed on the server before it returns the result. so you can simply echo your data in the template at the desired place.
echo $_GET['name'];
as #marc B commented:
This will NOT work unless you use a full-blown url, causing an http request. your "url" will cause PHP to do a LOCAL fopen and look for a file which has the literal characters ?, n, a etc.. in the filename.
This is my my index.php file
<?php
print_r($_POST);
exit;
?>
I'm posting to my website using postman in chrome, but nothing gets there. I get back only
Array
(
)
I know that postman works because I used it when I had free webhosting. Now I asked a friend for a little space on his website, but for some reason the post data is not printed.How can I solve this ?
Here is a photo with what is happening: http://6pix.net/images/16687663370157764163.png .
Here are the Possible Mistakes and the way to debug it
1. Check if your web server supports php
You can check this by running a .php file with some output statements such as echo
2. Check if you are pointing the page properly
You shall check this by outputting some content
3. Try with full path
Some servers needs to get full path i.e., it won't support point the index.html or index.php if the directory path was given
Additional Note :
If the above issues doesn't helps then you might check with the .htaccess , blocking of REST Calls etc.,.
If you really (like shown within your screenshot) do
print_r($_REQUEST);
please check your php.ini for your
request_order
variables_order
If "post" is not within that order, $_REQUEST will not have "post" content inside.
I have a REST service where I want to update a file over PUT.
When I use POST I used the following to get the uploaded file:
/**
* #var Request $request
*/
$request->files->get('file');
How to get an uploaded file send as PUT in Symfony Framework?
When you receive a POST request, you get a form submitted with one or more fields, and these fields include any files (possibly more than one file). The Content-Type is multipart/form-data.
When you PUT a file, the file's data is the request body. It's like the opposite of downloading a file with GET, where the file's content is the response body. In this case, if you receive a JPG file via a PUT request, the Content-Type will be image/jpeg. Of course this means you can only submit one file with each PUT request.
You should therefore use $request->getContent() to receive the data. If the content has other information in addition to the submitted file, then technically speaking it is a malformed PUT request, and should probably be sent as a POST instead.
Although you can't send any other fields with a PUT request, you can still use the query string to provide some additional short fields where appropriate. For example you might upload a file via a PUT request to /api/record/123/attachment?filename=example.pdf. This would allow you to receive both an uploaded file, another data field (the filename) and the ID (123) of the record to attach the upload to.
The easiest way where you don't need to change your api you submit the file and data you want to change as method POST and add query parameter ?_method=PUT to the url. In your front controller app.php/index.php you need to enable this feature with:
Request::enableHttpMethodParameterOverride();
one of my php page returns data like this:
<?php
//...
echo "json string";
?>
but someone else use file_get_contents() to get my data and use in other website.
can anybody tell me what can i do to prevent such thing happen.
i consider if i can get the request's domain name to echo something else.but i dont know
the function to get request's domain name.and if the request is sent by a server,that
will be unhelpful. My English is poor, to express doubts, please bear with.
you can also use sessions. if somewhere in your application, before the user gets the json data, you start a session, then in this page where you are outputting json data, you can check for the session variable. this way only users that have passed the session generator page, can view your output.
suppose you have page A.php that generates the session. use this code before outputting anything in this page.
session_start();
$_SESSION['approvedForJson'] = true;
then in your page where you are outputting json data, before outputting anything, call session_start() again. the beginning of your PHP code is a good place to call it.
then before outputting the json data, check if the session variable for approved users exists, or not.
if ( isset($_SESSION['approvedForJson']) && $_SESSION['approvedForJson'] ) {
echo "json data";
} else {
// bad request
}
You can use $_SERVER['REMOTE_ADDR'] to get the address of the client address. You can also check $_SERVER['HTTP_REFERER'] and block external requests that way, but it's less reliable. There's probably a few other techniques involving $_SERVER that you can try.
Your fighting an uphill battle here. I am assuming your serverside process that responds in json is being consumed via javascript in your users browsers... so there is no easy way to encrypt it. You might try some of the techniques used to prevent xspf (see http://en.wikipedia.org/wiki/Cross-site_request_forgery ). If you developed the client to pass along some session token that is uniq per client you could reduce some of the problem. But, chances are whoever is stealing your data is gonna figure out whatever mechanism you put in place ... assuming this is some sort of ajax type thing. If its a server-server thing then as sli mentions, setting up some restrictions based on the remote ip would help, plus setting up some sort of API authentication tokens would help even more (see oauth for some pointers)
You could also using .htaccess with apache block every external request to the page if it get's called internally or block every request that is not from your domain:
Google search thingie
EDIT
You could also use some php file which includes the file which can not be read. So for example you have file.php:
<?php
$allowedFiles[] = 'somefile.php';
$allowedFiles[] = 'someotherFile.php';
$allowedFiles[] = 'jsonReturnFile.php';
if(in_array($_GET['file'], $allowedFiles)){
include( "include/".$_GET['file'] );
}
?>
Then you can allow file_ get _contents() on that file and write a rewriteRule in your .htacces to disallow any request to the include/ folder.
RewriteRule include* - [F,NC]
That will return a 403 forbidden error for a request to that directory or any file in the directory.
Then you can do you JSON request to something like: file.php?file=jsonReturnFile.php&someothherParamReadByJsonFile=1
And when someone tries to get the file contents for the JSON file they will get the forbidden error, and getting the file contents for the include.php won't return anything usefull.