Newer Post

The Basics of the PHP Response in Drupal 8

Older Post

Drupal and the Front Controller Design Pattern

The Basics of the PHP Request

Hypertext Transfer Protocol (HTTP) is the language of the web. It is a request-response protocol, i.e., a web client such as a browser (e.g., Google Chrome, Firefox, Safari, etc.) asks for a page from a web server, which sends back the page as a response.

If you type http://www.facebook.com into your browser, this is what the raw information sent as a request may look like:

GET / HTTP/1.1
Host: facebook.com
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Accept: */*
Referer:

It is made up of a request line (GET / HTTP/1.1), a number of header field lines named as <key>: value (e.g. Accept: */*), a single empty line and an optional body for any data payload (for example, query parameters or post data).

When the HTTP Request reaches a web server that is running PHP, it is then translated into some global variables for the PHP environment. Let us now turn our attention to these variables.

$_REQUEST is a superglobal variable. It is available in all scopes everywhere in a script as an associative array of the contents of $_GET, $_POST and $_COOKIE variables. These variables in $_REQUEST are made available through the GET, POST, and COOKIE input mechanisms. Potentially, they could be modified by a user and therefore cannot be trusted. The inclusion and order of variables listed in this array is defined by the PHP variables_order configuration directive in the php.ini file.

PHP Superglobals

PHP Superglobals

The variables_order directive sets the order in which the following variables are parsed - EGPCS (Environment, Get, Post, Cookie, and Server). It is a string made of the first letter of the variables. If any are left out, there will be no superglobal variable for the letter available. For example, if variables_order is set to "SP", PHP will create the superglobals $_SERVER and $_POST, but $_ENV, $_GET, and $_COOKIE will not be created at all. If the variables_order is set to "", it effectively means no superglobals are set.

$_REQUEST holds any global data that is registered with the request_order directive in the php.ini file. The order of the data is similar to that of variables_order directive. If request_order is empty, PHP will use the value of variables_order.

If the deprecated register_globals directive is on, then variables_order also configures the order the ENV, GET, POST, COOKIE and SERVER variables are populated in global scope. For example, if variables_order is set to "EGPCS", register_globals is enabled as well as both $_GET['action'] and $_POST['action'] are set, then $action will contain the value of $_POST['action'] as P comes after G in our example directive value.

A final observation in both the CGI and FastCGI SAPIs - $_SERVER holds values from both the Environment and Server. Therefore, in such setups, S is always equivalent to ES regardless of the placement of E elsewhere in this directive. In fact, the E is effectively redundant in these situations.

From the preceding, we can observe many moving parts between a request and what eventually gets processed by the web server. The HttpFoundation component from the Symfony project crystallizes the HTTP specification into a uniform object-oriented layer with two prominent classes - Request and Response. The Request object sanitizes the incoming request and encapsulates it in a single object representing the HTTP request message. It also provides built-in methods for doing certain things, e.g. isSecure(), and provides session-management through a Session object.

Conclusion

HTTP is a stateless protocol. In order to deliver a simple web page, there may be hundreds of HTTP requests. Different web technologies have different approaches to dealing with this situation, e.g. Node.js and Ruby. Drupal 8 is built on a PHP solution provided by the HttpFoundation component from Symfony.

Further reading

  1. RFC 2616 - Hypertext Transfer Protocol -- HTTP/1.1 - IETF Tools
  2. The HttpFoundation Component

We'll help you unleash.

Join the 30,000 developers who subscribe to our newsletter.

Scale your
Development team

We help you execute projects by providing trusted developers who can join your team and immediately start delivering high-quality code.

Hire Developers
code, php