php $_POST 与 $_SERVER['REQUEST_METHOD'] == 'POST'
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/409351/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
$_POST vs. $_SERVER['REQUEST_METHOD'] == 'POST'
提问by Scott
Some guy called one of my Snipplr submissions "crap" because I used if ($_SERVER['REQUEST_METHOD'] == 'POST')instead of if ($_POST)
有些人称我的 Snipplr 提交之一为“废话”,因为我使用了if ($_SERVER['REQUEST_METHOD'] == 'POST')而不是if ($_POST)
Checking the request method seems more correct to me because that's what I really want to do. Is there some operational difference between the two or is this just a code clarity issue?
检查请求方法对我来说似乎更正确,因为那是我真正想做的。两者之间是否存在一些操作差异,或者这只是代码清晰度问题?
回答by gnud
Well, they don't do the same thing, really.
嗯,他们不做同样的事情,真的。
$_SERVER['REQUEST_METHOD']contains the request method (surprise).
$_SERVER['REQUEST_METHOD']包含请求方法(惊喜)。
$_POSTcontains any post data.
$_POST包含任何帖子数据。
It's possible for a POST request to contain no POST data.
POST 请求可能不包含 POST 数据。
I check the request method — I actually never thought about testing the $_POSTarray. I check the required post fields, though. So an empty post request would give the user a lot of error messages - which makes sense to me.
我检查了请求方法——我实际上从未想过测试$_POST数组。不过,我检查了必填的帖子字段。所以一个空的帖子请求会给用户带来很多错误信息——这对我来说很有意义。
回答by stuartloxton
if ($_SERVER['REQUEST_METHOD'] == 'POST')is the correct way, you can send a post request without any post data.
if ($_SERVER['REQUEST_METHOD'] == 'POST')是正确的方法,您可以在没有任何发布数据的情况下发送发布请求。
回答by binaryLV
I used to check $_POSTuntil I got into a trouble with larger POST data and uploaded files. There are configuration directives post_max_sizeand upload_max_filesize- if any of them is exceeded, $_POSTarray is not populated.
我过去常常检查,$_POST直到我遇到更大的 POST 数据和上传的文件的问题。有配置指令,post_max_size并且upload_max_filesize- 如果超出其中任何一个,$_POST则不会填充数组。
So the "safe way" is to check $_SERVER['REQUEST_METHOD']. You still have to use isset()on every $_POSTvariable though, and it does not matter, whether you check or don't check $_SERVER['REQUEST_METHOD'].
所以“安全的方法”是检查$_SERVER['REQUEST_METHOD']. 尽管如此,您仍然必须isset()在每个$_POST变量上使用,并且检查或不检查都没有关系$_SERVER['REQUEST_METHOD']。
回答by DUzun
If your application needs to react on request of type post, use this:
如果您的应用程序需要对 post 类型的请求做出反应,请使用以下命令:
if(strtoupper($_SERVER['REQUEST_METHOD']) === 'POST') { // if form submitted with post method
// validate request,
// manage post request differently,
// log or don't log request,
// redirect to avoid resubmition on F5 etc
}
If your application needs to react on any data received through post request, use this:
如果您的应用程序需要对通过 post 请求收到的任何数据做出反应,请使用以下命令:
if(!empty($_POST)) { // if received any post data
// process $_POST values,
// save data to DB,
// ...
}
if(!empty($_FILES)) { // if received any "post" files
// validate uploaded FILES
// move to uploaded dir
// ...
}
It is implementation specific, but you a going to use both, + $_FILES superglobal.
它是特定于实现的,但您将同时使用两者,+ $_FILES 超全局变量。
回答by Eamon
You can submit a form by hitting the enter key (i.e. without clicking the submit button) in most browsers but this does not necessarily send submit as a variable - so it is possible to submit an empty form i.e. $_POSTwill be empty but the form will still have generated a http post request to the php page. In this case if ($_SERVER['REQUEST_METHOD'] == 'POST')is better.
在大多数浏览器中,您可以通过按回车键(即不单击提交按钮)来提交表单,但这并不一定将提交作为变量发送 - 因此可以提交一个空表单,即$_POST会是空的,但表单仍然会已生成对 php 页面的 http post 请求。在这种情况下if ($_SERVER['REQUEST_METHOD'] == 'POST')更好。
回答by Eran Galperin
They are both correct. Personally I prefer your approach better for its verbosity but it's really down to personal preference.
他们都是正确的。我个人更喜欢你的方法,因为它的冗长,但这真的取决于个人喜好。
Off hand, running if($_POST) would not throw an error - the $_POST array exists regardless if the request was sent with POST headers. An empty array is cast to false in a boolean check.
顺便说一句,运行 if($_POST) 不会抛出错误 - 无论请求是否与 POST 标头一起发送,$_POST 数组都存在。在布尔检查中,空数组被强制转换为 false。
回答by Amama Alaeddine
$this->method = $_SERVER['REQUEST_METHOD'];
if ($this->method == 'POST' && array_key_exists('HTTP_X_HTTP_METHOD', $_SERVER)) {
if ($_SERVER['HTTP_X_HTTP_METHOD'] == 'DELETE') {
$this->method = 'DELETE';
} else if ($_SERVER['HTTP_X_HTTP_METHOD'] == 'PUT') {
$this->method = 'PUT';
} else {
throw new Exception("Unexpected Header");
}
}
回答by Alfredo Rahn
As long as I may need to access my PHP scripts with more than one method, what I do actually is:
只要我可能需要用一种以上的方法访问我的 PHP 脚本,我实际上做的是:
if (in_array($_SERVER['REQUEST_METHOD'],array("GET","POST","DELETE"))) {
// do wathever I do
}
回答by shreekanth
It checks whether the page has been called through POST (as opposed to GET, HEAD, etc). When you type a URL in the menu bar, the page is called through GET. However, when you submit a form with method="post" the action page is called with POST.
它检查页面是否已通过 POST 调用(与 GET、HEAD 等相反)。当您在菜单栏中键入 URL 时,将通过 GET 调用该页面。但是,当您使用 method="post" 提交表单时,将使用 POST 调用操作页面。
回答by Alan Storm
It's really a 6 of one, a half-dozen of the other situation.
这真的是一个 6 个,其他情况的六个。
The only possible argument against your approach is $_SERVER['REQUEST_METHOD'] == 'POST' may not be populated on certain web-servers/configuration, whereas the $_POST array will always exist in PHP4/PHP5 (and if it doesn't exist, you have bigger problems (-:)
反对您的方法的唯一可能的论点是 $_SERVER['REQUEST_METHOD'] == 'POST' 可能不会填充在某些 Web 服务器/配置上,而 $_POST 数组将始终存在于 PHP4/PHP5 中(如果它不存在)不存在,你有更大的问题(-:)
