469,283 Members | 2,303 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,283 developers. It's quick & easy.

reading http request raw data as stream

Hi,

Let me start with the question and then describe my case :
Is there a way to read the raw contents of an HTTP request in PHP as a
stream (i.e. not get it all at once from Apache) ?

In my case I am implementing an API for my server side app. One of the
actions in the API allows the posting of binary contents as
application/octet-stream. The size of this binary contents can get up
to several MBs.

I also employ a Basic HTTP authentication as part of the API, meaning,
that for every request I look for the authentication
headers(PHP_AUTH_USER and PHP_AUTH_PW). If the headers are missing (or
the credentials are not valid) I return "HTTP/1.0 401 Unauthorized" and
the client has to set the right headers and repost the request (no
problems here).

This scenario is kinda problematic for me, as the authentication check
is only performed when the entire request is complete and reached PHP.
So posting 5MB would result in posting 10MB for an unauthenticated
user.

Also, I use the nice stream wrapper 'php://input' in order to read the
posted binary contents, and again here I notice that the control is
passed to PHP only after the entire request had reached the server.

Any ideas on how to overcome this limitation ?

I'm using PHP 5.1 over Apache1.3 and Apache2.

Thx,
Avi

Dec 15 '06 #1
4 3645
Av****@gmail.com wrote:
Also, I use the nice stream wrapper 'php://input' in order to read the
posted binary contents, and again here I notice that the control is
passed to PHP only after the entire request had reached the server.
A possibility would be to set up a PHP-based (telnet) server, which listens
to a port ignored by Apache.

http://www.devshed.com/c/a/PHP/Socke...ming-With-PHP/
JW
Dec 17 '06 #2
Janwillem Borleffs wrote:
Av****@gmail.com wrote:
Also, I use the nice stream wrapper 'php://input' in order to read the
posted binary contents, and again here I notice that the control is
passed to PHP only after the entire request had reached the server.

A possibility would be to set up a PHP-based (telnet) server, which listens
to a port ignored by Apache.

http://www.devshed.com/c/a/PHP/Socke...ming-With-PHP/
JW
Thanks, JW.
However, I'm afraid it's not a viable (yet original :-D ) option for me
due to three reasons:
1. my hosting provider does not allow any incoming socket operations
(outgoing using curl via proxy only)
2. I wouldn't wanna go with any other port rather than 80 in order not
to have to deal with FW issues on the client side
3. I like what I get from Apache+PHP and wouldn't want to implement a
mini web server inside my app.

It just seems logical to me that PHP would support such a flow (like
perl or java for instance).

I have tried playing with some php.ini parameters :
changed the post_max_size to 0, and was able to receive the entire file
contents without having to wait for the request to finish.
The downside was that PHP kept screaming on that it had received a
request with a body bigger than the post_max_size....

Best,
Avi

Dec 19 '06 #3
Hi Avi,
This scenario is kinda problematic for me, as the authentication check
is only performed when the entire request is complete and reached PHP.
So posting 5MB would result in posting 10MB for an unauthenticated
user.
How about restricting access to your upload-form to authenticated
users only? Like this you can be sure that only an authenticated user
can post a request.

Dec 19 '06 #4

ct... wrote:
Hi Avi,
This scenario is kinda problematic for me, as the authentication check
is only performed when the entire request is complete and reached PHP.
So posting 5MB would result in posting 10MB for an unauthenticated
user.

How about restricting access to your upload-form to authenticated
users only? Like this you can be sure that only an authenticated user
can post a request.
I do not have an upload-form - I'm building an API that one of its
actions is to upload content (i.e. not the file upload RFC).

Wish it was that easy...
Thx,
Avi

Dec 20 '06 #5

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

7 posts views Thread by Shane | last post: by
1 post views Thread by Joe Ehrenfeld via .NET 247 | last post: by
3 posts views Thread by rsk | last post: by
reply views Thread by zhoujie | last post: by
reply views Thread by suresh191 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.