What's the Difference Between Post and Raw Post in PHP at All

What's the difference between POST and raw POST in PHP at all?

We can divide form submissions in three cases:

1. Submissions with content type application/x-www-form-urlencoded
2. Submissions with content type multipart/form-data
3. Other submissions.

In cases 1 and 3, $HTTP_RAW_POST_DATA contains the raw post data (except if the option is always_populate_raw_post_data is set to false, in which case $HTTP_RAW_POST_DATA is empty in case 1), i.e., the data exactly as the client (usually the browser) has sent it. In case, 1, the data has a form such as

key1=value1&key2=value2&key3[]=value3.1&key3[]=value3.2

PHP automatically parses this, so that $_POST becomes:

$_POST = array(
    "key1" => "value1",
    "key2" => "value2",
    "key3" => array("value3.1", "value3.2");
)

The contents of the raw data can also be access through php://input, even in case 1 when always_populate_raw_post_data is set to false. In particular, file_get_contents("php://input") gives the same data $HTTP_RAW_POST_DATA has or would have.

In case 3, in which the POST data is arbitrary, $_POST will be an empty array and $HTTP_RAW_POST_DATA will always be populated.

Case 2 is a special one. In that case, PHP will parse the data and $_POST will get the content of the fields which are not uploaded files, but php://input and $HTTP_RAW_POST_DATA will be unavailable.

Differences between HTTP Raw Post Data and just Post data

"raw" post data is un parsed. It is just a string that needs to be parsed into individual key value pairs, and urldecoded.

$_POST however has all of this already done for you. It's not often one would prefer the raw post data.

What is the raw POST data?

An HTTP request consists of two parts. A set of headers and a body.

The headers include things like the URL being requested and caching control helpers (such as "I have a version of this from yesterday, only give me a new one if there are changes, OK?").

The body may or may not appear depending on the type of request. POST requests have bodies.

The body can be in any format the client likes. One of the headers will tell the server what the format is.

There are a couple of formats used by HTML forms, and PHP knows how to parse these and put the data into $_POST.

If the data is in another format, such as JSON, or if the data doesn't conform to PHP's quirks (such as the rules for having [] on the end of keys with the same name) then you might want to access the data directly so you can parse it yourself.

That is the raw POST data.

$_POST vs. $HTTP_RAW_POST_DATA vs file_get_contents(php://input)?

1. $_POST contains URL encoded (application/www-url-encoded) variables that are posted to your script and PHP decodes them for you. You use this one when you deal with HTML FORM data.
2. file_get_contents("php://input") - gets the raw POST data and you need to use this when you write APIs and need XML/JSON/... input that cannot be decoded to $_POST by PHP.
3. $HTTP_RAW_POST_DATA - in theory it is the same as the above but depends on php.ini. (DEPRECATED, SEE COMMENT)

I always use method #2 instead of #3 when I need non application/www-url-encoded input.

PHP php://input vs $_POST

The reason is that php://input returns all the raw data after the HTTP-headers of the request, regardless of the content type.

The PHP superglobal $_POST, only is supposed to wrap data that is either

• application/x-www-form-urlencoded (standard content type for simple form-posts) or
• multipart/form-data (mostly used for file uploads)

This is because these are the only content types that must be supported by user agents. So the server and PHP traditionally don't expect to receive any other content type (which doesn't mean they couldn't).

So, if you simply POST a good old HTML form, the request looks something like this:

POST /page.php HTTP/1.1

key1=value1&key2=value2&key3=value3

But if you are working with Ajax a lot, this probaby also includes exchanging more complex data with types (string, int, bool) and structures (arrays, objects), so in most cases JSON is the best choice. But a request with a JSON-payload would look something like this:

POST /page.php HTTP/1.1

{"key1":"value1","key2":"value2","key3":"value3"}

The content would now be application/json (or at least none of the above mentioned), so PHP's $_POST-wrapper doesn't know how to handle that (yet).

The data is still there, you just can't access it through the wrapper. So you need to fetch it yourself in raw format with file_get_contents('php://input') (as long as it's not multipart/form-data-encoded).

This is also how you would access XML-data or any other non-standard content type.

Accessing Variables in Raw PHP POST Data

Your post data is JSON so use json_decode to turn it into an array containing anobject and access the object_id property

$rawPostData = file_get_contents('php://input');
$json = json_decode($rawPostData);
$json = $json[0];
$all = date("F j, Y, g:i a") . " " . $json->object_id. "\r\n";
file_put_contents("Activity.log", $all, FILE_APPEND);

Postman Chrome: What is the difference between form-data, x-www-form-urlencoded and raw

These are different Form content types defined by W3C.
If you want to send simple text/ ASCII data, then x-www-form-urlencoded will work. This is the default.

But if you have to send non-ASCII text or large binary data, the form-data is for that.

You can use Raw if you want to send plain text or JSON or any other kind of string. Like the name suggests, Postman sends your raw string data as it is without modifications. The type of data that you are sending can be set by using the content-type header from the drop down.

Binary can be used when you want to attach non-textual data to the request, e.g. a video/audio file, images, or any other binary data file.

Refer to this link for further reading:
Forms in HTML documents

---

Related Topics