对 PUT 方法的支持

PHP 对部分客户端具备的 HTTP PUT 方法提供了支持。PUT 请求比文件上传要简单的多,它们一般的形式为:

PUT /path/filename.html HTTP/1.1

这通常意味着远程客户端会将其中的 /path/filename.html 存储到 web 目录树。让 Apache 或者 PHP 自动允许所有人覆盖 web 目录树下的任何文件显然是很不明智的。因此,要处理类似的请求,必须先告诉 web 服务器需要用特定的 PHP 脚本来处理该请求。在 Apache 下,可以用 Script 选项来设置。它可以被放置到 Apache 配置文件中几乎所有的位置。通常我们把它放置在 <Directory> 区域或者 <VirtualHost> 区域。可以用如下一行来完成该设置:

Script PUT /put.php

这将告诉 Apache 将所有对 URI 的 PUT 请求全部发送到 put.php 脚本,这些 URI 必须和 PUT 命令中的内容相匹配。当然,这是建立在 PHP 支持 .php 扩展名,并且 PHP 已经在运行的假设之上。 The destination resource for all PUT requests to this script has to be the script itself, not a filename the uploaded file should have.

With PHP you would then do something like the following in your put.php. This would copy the contents of the uploaded file to the file myputfile.ext on the server. You would probably want to perform some checks and/or authenticate the user before performing this file copy.

示例 #1 保存 HTTP PUT 文件

<?php
/* PUT data comes in on the stdin stream */
$putdata = fopen("php://input", "r");

/* Open a file for writing */
$fp = fopen("myputfile.ext", "w");

/* Read the data 1 KB at a time
and write to the file */
while ($data = fread($putdata, 1024))
fwrite($fp, $data);

/* Close the streams */
fclose($fp);
fclose($putdata);
?>

add a note add a note

User Contributed Notes 10 notes

up
36
micronix at gmx dot net
14 years ago
Hello PHP World After many Hours of worryness :=)

I have found the Solution for Resume or Pause Uploads
In this Code Snippet it is the Server Side not Client on any Desktop Programm you must use byte ranges to calculate the uploaded bytes and missing of total bytes.

Here the PHP Code

<?php
$CHUNK
= 8192;

        try {
            if (!(
$putData = fopen("php://input", "r")))
                throw new
Exception("Can't get PUT data.");

           
// now the params can be used like any other variable
            // see below after input has finished

           
$tot_write = 0;
           
$tmpFileName = "/var/dev/tmp/PUT_FILE";
           
// Create a temp file
           
if (!is_file($tmpFileName)) {
               
fclose(fopen($tmpFileName, "x")); //create the file and close it
                // Open the file for writing
               
if (!($fp = fopen($tmpFileName, "w")))
                    throw new
Exception("Can't write to tmp file");

               
// Read the data a chunk at a time and write to the file
               
while ($data = fread($putData, $CHUNK)) {
                   
$chunk_read = strlen($data);
                    if ((
$block_write = fwrite($fp, $data)) != $chunk_read)
                        throw new
Exception("Can't write more to tmp file");

                   
$tot_write += $block_write;
                }

                if (!
fclose($fp))
                    throw new
Exception("Can't close tmp file");

                unset(
$putData);
            } else {
               
// Open the file for writing
               
if (!($fp = fopen($tmpFileName, "a")))
                    throw new
Exception("Can't write to tmp file");

               
// Read the data a chunk at a time and write to the file
               
while ($data = fread($putData, $CHUNK)) {
                   
$chunk_read = strlen($data);
                    if ((
$block_write = fwrite($fp, $data)) != $chunk_read)
                        throw new
Exception("Can't write more to tmp file");

                   
$tot_write += $block_write;
                }

                if (!
fclose($fp))
                    throw new
Exception("Can't close tmp file");

                unset(
$putData);
            }

           
// Check file length and MD5
           
if ($tot_write != $file_size)
                throw new
Exception("Wrong file size");

           
$md5_arr = explode(' ', exec("md5sum $tmpFileName"));
           
$md5 = $md5sum_arr[0];
            if (
$md5 != $md5sum)
                throw new
Exception("Wrong md5");
        } catch (
Exception $e) {
            echo
'', $e->getMessage(), "\n";
        }
?>
up
2
arnaud at caramia dot Fr
1 year ago
We resolved our problem with https://pecl.php.net/package/apfd.

It parses multipart/form-data body (files and payload) with PUT and PATCH http requests, witch was only possible before with POST http request.
up
2
San
10 years ago
Instead of using fread fwrite to save uploaded content to a file.
stream_copy_to_stream is much cleaner.
up
2
Oscar Fernandez Sierra
2 years ago
This is what worked for me. There are many examples in the web that don't work. I found in https://lornajane.net/posts/2009/putting-data-fields-with-php-curl.

IMPORTANT: You should not use the code

       curl_setopt($ch, CURLOPT_PUT, true);

even if it seems to be the right option (it would be the right option for a POST request, with CURLOPT_POST, but it does not work for a PUT request).

Notice that the constant CURLOPT_CUSTOMREQUEST is used instead of CURLOPT_PUT, and that the value used is "PUT" instead of true.

<?php

        $url
= "....."; // put your URL here

       
$data = array("a" => $a);

       
$ch = curl_init($url);
       
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
       
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT");
       
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));

       
$response = curl_exec($ch);
        if ( !
$response) {
            return
false;
        }
up
1
polygon dot co dot in at gmail dot com
1 year ago
I was confused with file uploads using the PUT method.
My concern was why can't we upload multiple files using the PUT method with streams
PUT data comes in on the stdin stream
$putdata = fopen("php://input", "r");
Note the $putdata is a file pointer to the file content that is being uploaded.
The data is received on the server on the fly (which means available as it is received)

Secondly, when we are using parse_str(file_get_contents("php://input")).
This means the data is completely received on the server end and is then made available to the script.

When using fopen() one cant parse the data. This can be used when uploading a large file.
The file may range from 100's of MBs to Gigs where streams plays a major role.

Streams make the file data available to script in chunks instead of first saving in the temp folder.
Hence, when using $putdata = fopen("php://input", "r"); one can't pass the payload as well.
If someone wants to pass the payload the only option is in the URL query string.
up
-1
willy at kochkonsult dot no
2 years ago
All the example code I found for using PUT with PHP always used a default hard-coded file extension for the incoming stream.

The filename from the incoming file PUT request can't be found anywhere from the incoming request (at least I couldn't find it) but mimetype can be found in the $_SERVER global variable.

I used this code to get the correct file extension:

$mimeType = $_SERVER['HTTP_CONTENT_TYPE'];

if ($mimeType!='application/pdf')
    {  
    header('HTTP/1.1 405 Only PDF files allowed');
    echo("Only PDF files are allowed for upload - this file is ".$mimeType);
    die();
    }
else $fileExtension = 'pdf';

If you have an Apache Tika server available, that would be the best option to analyze the file content to get the mimetype, but that might not be in scope for everyone :-)
up
-3
yaogzhan at gmail dot com
18 years ago
PUT raw data comes in php://input, and you have to use fopen() and fread() to get the content. file_get_contents() is useless.

The HTTP PUT request MUST contain a Content-Length header to specify the length (in bytes) of the body, or the server will not be able to know when the input stream is over. This is the common problem for many to find the php://input empty if no such header available.

This should make PUT work properly on win32 using PHP5.1.1 and apache2.
up
-5
gherson
19 years ago
A Case Study:  To set up publishing with Netscape 7.2 Composer to Apache/PHP, no need to use CGI (which I tried unsuccessfully for too long) or to alter Apache's httpd.conf.  I needed only to click Publish As, fill in put2disk.php as the filename (where its contents are the below), and fill in that file's dir as the "Publishing address".
XAMPP 1.4.14: Apache/2.0.54 (Win32) mod_ssl/2.0.54 OpenSSL/0.9.7g PHP/5.0.4.

<? // filename: put2disk.php.

//file_put_contents ("get_def.out", print_r (get_defined_vars(), TRUE)); // debugging

// Two slurp methods: (a) didn't work, (b) did.
//$stdin_rsc = fopen("php://input", "r");
//$putdata='';
//while ($putdata .= fread($stdin_rsc, 1024)); // a. Hangs the "Publishing..." dialog.
//while (!feof($stdin_rsc)) $putdata.=fread($stdin_rsc, 8192); // b. Worked, but file_get_contents is faster.
//fclose($stdin_rsc);

// All that's nec:
$putdata=file_get_contents('php://input'); // Not php://stdin! (When the ability to see error messages isn't available, the doc (this manual page) needs to be more accurate.)

file_put_contents("stdin.out",$putdata);
?>
up
-7
warhog at warhog dot net
19 years ago
NOTE: The <Script>-Directive can not be placed in .htaccess files.

So if you're having shared webspace and no access to the apache-configuration file you will have little chance to make something like this work.

But you can solve the problem, using mod_rewrite (for Apache) - for further information see the documentation at http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html
up
-10
mikeb at mikebanahan dot com
21 years ago
I have spent a lot of time trying to make PUT work with Apache 2.0.40. I have not yet been able to find any way of making the Script directive invoke php via mod_php, the only way has been to have a file called example.cgi and invoke it via CGI, with the file starting
#!/usr/bin/php
so the PHP interpreter is invoked through the CGI mechanism and not as a module.

If there IS a way of making it work 'right' I'd love to know! After six hours of messing around, I've settled for CGI. The error messages in the apache error log are significantly misleading and the whole thing has been an exercise in frustration.

Attempts to use AddHandler and all 'normal' ways of trying to persuade Apache to do this have been fruitless. It does seem as if PUT can only be handled by CGI invocation.
To Top