关于`$HTTP_RAW_POST_DATA` 被弃用的警告
我切换到 PHP 5.6.0,现在到处都收到以下警告:
已弃用:自动填充 $HTTP_RAW_POST_DATA 已弃用,并将在以后的版本中删除.为避免此警告集在 php.ini 中将always_populate_raw_post_data"改为-1"并使用 php://input 流反而.在未知的第 0 行警告:无法修改标头信息 - 标头已在第 0 行的 Unknown 中发送
好吧,我依赖一些已弃用的功能.除了我没有!
- 我从未在我的任何脚本中使用过这个变量.老实说,我什至不知道它存在.
phpinfo()
显示我已将always_populate_raw_post_data
设置为 0(已禁用).那到底是怎么回事?
我不想通过将此值设置为 -1 来避免警告".这只会隐藏警告,我仍然会弃用配置.我想从源头上解决问题,并知道为什么 PHP 认为 HTTP_RAW_POST_DATA
填充已打开.
原来我对错误信息的理解是错误的.我会说它的用词选择很差.谷歌搜索显示其他人完全像我一样误解了该消息 - 请参阅 PHP 错误 #66763.>
在完全没有帮助之后这就是 RM 想要的样子."对 Mike 的那个 bug 的回应,Tyrael 解释说,将它设置为-1"并不仅仅是警告消失.它做了正确的事情,即它完全禁止填充罪魁祸首变量.事实证明,将其设置为 0 STILL 在某些情况下会填充数据.谈论糟糕的设计!引用 PHP RFC:
<块引用>更改 always_populate_raw_post_data INI 设置以接受三个值而不是两个.
- -1:master的行为;永远不要填充 $GLOBALS[HTTP_RAW_POST_DATA]
- 0/off/whatever:BC 行为(如果内容类型未注册或请求方法不是 POST 则填充)
- 1/on/yes/true:BC 行为(始终填充 $GLOBALS[HTTP_RAW_POST_DATA])
是的,将它设置为 -1 不仅可以避免警告,就像消息所说的那样,而且最终禁止填充这个变量,这正是我想要的.
I switched to PHP 5.6.0 and now I get the following warning everywhere:
Deprecated: Automatically populating $HTTP_RAW_POST_DATA is deprecated and will
be removed in a future version. To avoid this warning set
'always_populate_raw_post_data' to '-1' in php.ini and use the php://input stream
instead. in Unknown on line 0
Warning: Cannot modify header information - headers already sent in Unknown on line 0
Fine, I rely on some deprecated feature. Except that I don't!
- I haven't ever used this variable in any of my scripts. To be honest I had no idea it even exists.
phpinfo()
shows that I havealways_populate_raw_post_data
set to 0 (disabled). So what is going on?
I don't want to "avoid the warning" by setting this value to -1. This will just hide the warning, and I'll still have deprecated configuration. I want to solve the problem at its source and know why PHP thinks that HTTP_RAW_POST_DATA
populating is turned on.
It turns out that my understanding of the error message was wrong. I'd say it features very poor choice of words. Googling around shown me someone else misunderstood the message exactly like I did - see PHP bug #66763.
After totally unhelpful "This is the way the RMs wanted it to be." response to that bug by Mike, Tyrael explains that setting it to "-1" doesn't make just the warning to go away. It does the right thing, i.e. it completely disables populating the culprit variable. Turns out that having it set to 0 STILL populates data under some circumstances. Talk about bad design! To cite PHP RFC:
Change always_populate_raw_post_data INI setting to accept three values instead of two.
- -1: The behavior of master; don't ever populate $GLOBALS[HTTP_RAW_POST_DATA]
- 0/off/whatever: BC behavior (populate if content-type is not registered or request method is other than POST)
- 1/on/yes/true: BC behavior (always populate $GLOBALS[HTTP_RAW_POST_DATA])
So yeah, setting it to -1 not only avoids the warning, like the message said, but it also finally disables populating this variable, which is what I wanted.
相关文章