Why Are Some $_POST Values Missing When Present in php://input?

PHP $_POST Values Missing When Present in php://input

When submitting large HTML forms via POST, some $_POST values may be missing in PHP. This occurs despite the values being present in the raw request body accessible via php://input.

The issue arises because PHP modifies certain characters, such as spaces and dots, in field names to comply with the deprecated register_globals setting. As a result, some keys may be altered and absent from $_POST.

To resolve this issue, consider the following workarounds:

Workarounds

1. Custom Function: Create a function to parse the php://input and reconstruct the correct $_POST array, accounting for the modified field names.

<code class="php">function getRealPOST() {
    $pairs = explode("&amp;", file_get_contents("php://input"));
    $vars = array();
    foreach ($pairs as $pair) {
        $nv = explode("=", $pair);
        $name = urldecode($nv[0]);
        $value = urldecode($nv[1]);
        $vars[$name] = $value;
    }
    return $vars;
}</code>

2. Disable register_globals: Set register_globals to "Off" in your PHP configuration to prevent field name modifications. However, this is not recommended as register_globals is a security risk.
3. URL Encode Field Names: Encode the field names in your HTML form using urlencode() to prevent special characters from being modified.

For instance, HTML fragment:

<code class="html"><input type="text" name="my_field.value" value="test"></code>

PHP code:

<code class="php">$my_field_value = $_POST['my_field.value'];</code>

4. Use an Alternative Method for Large Forms: Consider using an alternative method, such as multipart/form-data, which is better suited for handling large forms and preserving field names.

The above is the detailed content of Why Are Some $_POST Values Missing When Present in php://input?. For more information, please follow other related articles on the PHP Chinese website!