Mathiu, filter_input() and php://input are 2 totally different things:
filter_input() is a function that takes the type of the input along with the variable's name and applies a certain FILTER on it.
php://input is a stream (which is why it is read by file_get_contents()) which allows you to read raw data from the request body.
If you post some 'data' in a text input named 'var' in a form, this is what you will get:
$_POST['var'] will have the value: 'data'
file_get_contents('php://input') will have the value: 'var=data'
FUN fact: php://input is not available with enctype="multipart/form-data"
You will have $_GET['var'] and $_POST['var']. No problems.
$_GET and $_POST are arrays, so you will have no issues for them containing the same variable names.
However, if register_globals was ON (which is removed as of PHP 5.4), then you would look at the variables_order (EGPCS for example). In case it was EGPCS, then Post comes after Get, so the value of $var will be that of $_POST['var'].
Mathiu, filter_input() and php://input are 2 totally different things:
filter_input() is a function that takes the type of the input along with the variable's name and applies a certain FILTER on it.
php://input is a stream (which is why it is read by file_get_contents()) which allows you to read raw data from the request body.
If you post some 'data' in a text input named 'var' in a form, this is what you will get:
$_POST['var'] will have the value: 'data'
file_get_contents('php://input') will have the value: 'var=data'
FUN fact: php://input is not available with enctype="multipart/form-data"
Thanks for the explanation, I guess there are different use cases for
php://input
then.P.S. Now I'm curious what happens when you have the same var name in GET and POST at the same time.
You will have $_GET['var'] and $_POST['var']. No problems.
$_GET and $_POST are arrays, so you will have no issues for them containing the same variable names.
However, if register_globals was ON (which is removed as of PHP 5.4), then you would look at the variables_order (EGPCS for example). In case it was EGPCS, then Post comes after Get, so the value of $var will be that of $_POST['var'].
That's a good question, I would imagine it would depend on how the application handles global vars and in which order.