We can divide form submissions in three cases:
- Submissions with content type
application/x-www-form-urlencoded
- Submissions with content type
multipart/form-data
- Other submissions.
In cases 1 and 3, $HTTP_RAW_POST_DATA contains the raw post data (except if the option is always_populate_raw_post_data is set to false, in which case $HTTP_RAW_POST_DATA is empty in case 1), i.e., the data exactly as the client (usually the browser) has sent it. In case, 1, the data has a form such as
key1=value1&key2=value2&key3[]=value3.1&key3[]=value3.2
PHP automatically parses this, so that $_POST becomes:
$_POST = array(
"key1" => "value1",
"key2" => "value2",
"key3" => array("value3.1", "value3.2");
)
The contents of the raw data can also be access through php://input, even in case 1 when always_populate_raw_post_data is set to false. In particular, file_get_contents("php://input") gives the same data $HTTP_RAW_POST_DATA has or would have.
In case 3, in which the POST data is arbitrary, $_POST will be an empty array and $HTTP_RAW_POST_DATA will always be populated.
Case 2 is a special one. In that case, PHP will parse the data and $_POST will get the content of the fields which are not uploaded files, but php://input and $HTTP_RAW_POST_DATA will be unavailable.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
