Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
If i read file upload script I see almost everywhere the following line of code to read the file contents
file_get_contents('php://input');
But unfortunately can't really understand it. Can someone please help what does it actually mean?
Although your post isn't too detailed in what you have tried to accomplish and most importantly, how, I will attempt to provide some guidelines to solving your problem.
1. How do uploads work?
The first thing you must understand, how uploads work with PHP. The file you upload is sent as the body part of the HTTP request.
This body part however may be encoded. Once such encoding may be multipart/form-data, where the body is divided into separate parts. PHP however does some special processing to this, see later on in this answer.
An other method is to send the file itself completely unencoded as the body part of a PUT request, sent by for example XMLHttpRequest. This would enable your code to actually work, but again, let's discuss this later.
2. How does PHP handle uploads?
PHP has some special magic if you use multipart/form-data. If you use this, the contents of php://input will not be available, instead you must use the $_FILES array to handle your upload.
If you on the other hand want to process the upload yourself or you used the PUT method and your upload doesn't require special processing, you can just read all contents of php://input and use them any way you like.
For more details on uploads please see the PHP manual.
3. How to submit files from the client?
There are several methods. The most basic method is to simply create a form that submits the file as a HTTP POST upload and then handle it as described above.
If you want a progress bar, you can use some Flash like the YUI uploader. This little file will still send a HTTP POST, but you will have access to how much was uploaded via JavaScript.
Finally, if your browser supports the HTML5 File API, you can get the contents of a local file and upload it via HTTP POST or HTTP PUT according to your needs. For more details see this tutorial.
4. Debugging problems
Stuff tends to break, so you'll need to be able to debug it. Your first weapon of choice would be some sort of network dump from your browser. If you have Chrome, the tools are build in, for other browsers you might have to download some extensions.
You need to look at the request and see if the data is there and it's encoded correctly. As a web developer you should posses a deep understanding of HTTP, so if you don't read up on it. There is no excuse for not knowing HTTP.
If you are sure your data arrives on the server side, you should learn to debug PHP. First of all, take a look at your superglobals. Is everything there you sent? Or is something missing?
If you don't have the file you sent, you may have hit the configured filesize limits for uploads, either in your webserver or in your PHP. As to which the culprit is, you will have to find out for yourself.
Also, be sure to set error_reporting to E_ALL & E_NOTICE so you don't miss problems with your code.
Finally, if nothing else helps, you will need to learn to debug with xdebug. Again, there is no excuse whatsoever for a web developer for not being able to debug your own code. None.
See http://www.php.net/manual/en/wrappers.php.php.
php://input is a "special file" which contains the input that was sent to the PHP script. On a web server that means the contents of the HTTP request body. file_get_contents simply reads the entire contents, like from a regular file.
In short: that line gets the content of the HTTP request body.
However: php://input is not populated when using multipart/form-data
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I'm having a hard time grasping how PHP/HTML/the server works and I couldn't find any info (it has to be somewhere so if you have a link I'd appreciate it). I'll try to explain best what I understand/don't understand and ask a concise question.
My Understanding
PHP code is in the same file as HTML files and needs the server to have a PHP parser? to read and execute the PHP code.
PHP code executes first on the server side, then HTML/JS execute on the client side (hence you can't see the PHP code on the browser).
What I don't understand
When a PHP code calls a $_POST request, where is the request going? Let's say I call a $_POST request to mypage2.php. How do I handle this $_POST request in my mypage2.php code? (I setup an iFrame and tried to make a $_POST request to it, but it changed to that page).
How do I use multiple .php files on a site? I always see something like authentication.php but are those pages just classes to never be used (aka I can never go to mysite.com/authentication.php)?
My end goal is to get data from an external $_POST call, and send it to my page embedded in an iFrame. I feel I don't understand the basic concepts first though and all the tutorials discuss the syntax of PHP (which I think I understand).
I am running on a windows machine and using XAMPP if that is relevant. Thank you.
Your html POST going to $_POST array on page2.php.
This array has the same index of page1.html input/form.
<input name="username"> <input name="password">
To use it in your page2.php, you can store it on a variable like this
$username = $_POST['username'];
$password = $_POST['password'];
You kind of have it right:
PHP is in the same file with your HTML/CSS/JavaScript code. It requires a PHP interpreter on the Web server. The Web server will not send a raw PHP file (with PHP code in it) to a client browser, if configured correctly.
When there is a request for a PHP file, the PHP interpreter on the Web server processes the PHP file, which removes the PHP code and replaces it with the interpreted result (HTML/CSS/JavaScript code). It sends the processed file to the client browser as the PHP file. That file only contains HTML/CSS/JavaScript code. The client browser runs the HTML/CSS/JavaScript code that the Web server sends.
There are global variables in PHP that store data that's POSTed or otherwise sent to the PHP file. Have a look at $_POST, $_GET and $_REQUEST. Note that you should never trust data that's submitted by a user and you should always "sanitize" it (see What's the best method for sanitizing user input with PHP?)
You can use more than one PHP file on a website, but no variables or other data carry automatically from file to file, so each file starts with a blank sheet. There are ways to pass values among pages by passing them in the URL or by using PHP Sessions.
Some applications that use more than one PHP file don't want a user to be able to run a PHP file on its own. They only want the PHP file to be executed by the application, from another PHP file. So what the programmer will sometimes do is to set a global variable and store it as a session variable. The first thing a PHP file does is check that variable to see if it's set. If it's not, it means the user tried to run the PHP file by itself, and it just exits. That might be why you can't run a particular PHP file you mentioned.
If you have a file mypage2.php and you post 'mydata' to that file, for example from an HTML form where name='mydata', you can retrieve the data from the global $_POST, for example, <?php $mydata = $_POST['mydata'];?>. After you sanitize it, if the IFRAME is also within mypage2.php, you can insert it into the IFRAME by echoing it, for example, <?php echo $mydata;?>
I am writing an android app to connect to PHP web service and through my searches in internet I faced file_get_contents('php://input'); and I understood some parts of it's functionality but I still don't get it. What are php://input or php://stdin or stuff like that?
I've read http://php.net/manual/en/function.file-get-contents.php and I confused much more.
Please explain it completely.
The information comes from here: http://www.php.net/manual/en/wrappers.php.php
When information is sent to the server via a POST request, it is saved in a temporary file.
The command file_get_contents('php://input') reads the raw information sent to PHP -- unprocessed before it ever gets put into $_POST or $_REQUEST super globals.
This technique is often used when someone is uploading a file, such as an image.
EDIT: removed $_GET
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 9 years ago.
Improve this question
If I'm hosting a website on a server that has PHP, would I ever need to host a .html file on it? PHP files can have raw HTML code inside of them as well as the added benefit of being able to inject PHP code, so isn't PHP a more inclusive language?
Serving HTML is generally a lot easier for the webserver than serving a page that has to be run through the PHP interpreter.
This can have huge benefits on high-traffic sites. For example, the Obama campaign ran their fundraising platform with a lot of static HTML for that reason.
it always can be situation that you would need to add e.g. maintenance page in pure html
It's not a question of whether you can simply make everything "a PHP file" but rather a question of whether any given file needs to be PHP. If a file contains only static content, there's no need for any server-side processing. So in such cases it would make more sense to make it an HTML file.
Don't look for a tool that covers all cases, look for the right tool for each case.
I read that it is recommended to have <?php flush(); ?> between </head> and <body>. I would assume that this should apply to every webpage, there really isn't a solid reason as to why you would only use HTML.
I agree with ceejayoz, but if that's not a problem for you, then using PHP is great.
It depends on your purpose. If your page uses PHP then the file extension needs to end in .php. If you don't have any PHP then you can just save the page with a .html file extension. A major difference is that PHP is processed on the server side. Meaning the user(client) will not see your PHP code if he views the source, he'll see what was processed from the server in the form of HTML.
One advantage of using .php files over HTML (in this trivial case) is that, you can wrap up all your footer files(if the are the same) or any redundant files, like sidebar, advertisingand just include them in your other files, instead of having to create/manage individual files later, So, you can just open one footer.php file and make as many changes as you want without wasting any time.
Your basic understanding is correct. You can absolutely have a .php file that has only HTML in it and given a simple page and a simple site there would be little difference.
However, the PHP preprocessor adds a bit of overhead to check for PHP code in the file. In most cases this is insignificant, but on a highly optimized site you probably would not want the pages to be processed for nothing.
I wouldn't say that PHP is a more inclusive language though, HTML and PHP are two different things. In many cases (but by no means all) PHP generates HTML. It's just that the resulting HTML from a PHP script that has no PHP tags in it would most likely be the same as it would be for an html file. Although it is likely that HTTP Response Headers would be different and there are other things outside of the file content itself that could be slightlu
I'm writing a very simple file sharing site in JS and PHP. I've got a drag/drop working, so the browser gets a file object upon drop, and from there I tried to send in a xhr request to an upload page. However, I can't seem to just drop a binary file object in a request header, and so was wondering how I'd go about base64 encoding it.
In PHP I'd use base64_encode, but I'm not even at the PHP page yet. Maybe you could suggest an alternative method to my current one?
Oh, and in the PHP that receives it, it writes to a semi-random file after base64_decodeing the file.
EDIT: I worked around it, but there isn't really a good answer. Thanks for helping!
Here's my demo: http://bernsteinbear.com/up
There is a function in the works that is currently only supported in Firefox, xhr.sendAsBinary, but for now you can do the Base64 encoding in Javascript with this custom function:
http://www.webtoolkit.info/javascript-base64.html
Alternatively, you can implement sendAsBinary yourself, as seen here:
http://hublog.hubmed.org/archives/001941.html
Just be aware that the Base64 method is currently the most compatible method.
Is there any reason you aren't using something like the Valumns File Uploder? I don't know why you're wanting to add a binary file "as a request header" (that makes little sense to me), but having to base64 encode it before sending seems a bit silly when HTTP can handle sending binary data in both directions quite easily (example with forms). Then again, I'm unfamiliar with the File API, so I'm not sure what special things you might be doing with it (are you transforming the file at all before sending?). Maybe I'm missing the point of this exercise.
I'm coding an API and got stuck on the UPDATE part of things. From what I've read about REST the update operation should be exposed by using HTTP PUT.
Ok, PUT gives me just a stream of data. At least in PHP the decoding of this data is my responsibility. So how do I mix string data and file upload and use PUT? I know I can do it in POST but I'm trying to do it the RESTful way.
Should I use multipart/form-data and is that portable for PUT (I mean is it easy to send this kind of request in different languages)? I'm trying to figure out the proper way to do this. Again, if I use multipart/form-data I'm responsible for the parsing so there might be some errors or performance degradation. Can you suggest a parser if this multipart/... is the way to do what I'm asking?
Thanks
General rule of PUT is that is idempotent
Calling 2x PUT /user/{userId}/files/foo.txt ends up in the same state, with the 2nd call you would simply override the foo.txt. You are 'setting' things.
Calling 2x POST /user/{userId}/files would end up in two different files. You are 'adding' things.
Therefore I would use PUT if you want to write to a dedicated target. What kind of files do you want to upload. E.g. if it is a picture-upload I would use POST (where you would get the target url inside response). If you are designing a kind of file-storage for a user I would use PUT, because most likely users want to write (set) to a certain location (like you would on a ordinary file-system).
Maybe you have more details/requirements for a concrete case?
What kind of data are you attempting to PUT? Remember that PUT is a directed publishing method. The client sends data to the server and essentially says "PUT this file into /home/sites/.../myfile.txt".
Useful for when you're publishing data to a site and are creating a new page. Not so useful if it's a standard file upload form ("Upload an avatar image here!"). You don't want to allow potentially malicious users to specify where an uploaded file should go.
That's when you use POST, which translates into "here's a file, it's called myfile.txt, do what you want with it".