Php 5.6 "Automatically populating $HTTP_RAW_POST_DATA is deprecated"

[mattab]

Our build fails on 5.6 because of this warning.

It's quite annoying and I find lots of people online with the problem.

I'm not sure the proper way to fix this. a search in our code shows we don't use $HTTP_RAW_POST_DATA.

Maybe we really need to edit php.ini and set always_populate_raw_post_data to -1? (in this case we'd have to add system check to check users have set it to -1).

See also:

• http://stackoverflow.com/questions/26261001/warning-about-http-raw-post-data-being-deprecated
• Bug report: https://bugs.php.net/bug.php?id=66763

[mnapoli]

always_populate_raw_post_data=-1

that would solve the problem if we don't use the variable that was deprecated (if I understand it correctly).

What I don't understand though is that the warning appears regardless of whether an application uses that variable… I've had that warning on very small scripts that didn't use the variable at all. I find it weird that PHP 5.6 ships like that, maybe I'm missing something.

[mattab]

I find it weird that PHP 5.6 ships like that, maybe I'm missing something.

I think it could be a bug in PHP 5.6 that was overlooked. Or maybe it's also triggered when something else than this variable is used. For example in the case of Piwik it seems to be triggered only for afew tests, those tests maybe that use Bulk tracking only? in bulk tracking for example we use file_get_contents("php://input"); maybe this or something else would also trigger the warning?

[mnapoli]

It seems like there are several people meeting the same problem with codebases not using HTTP_RAW_POST_DATA:

• $HTTP_RAW_POST_DATA depricated message using PHP 5.6 Heroku bcit-ci/CodeIgniter#3254
• PHP 5.6 compability owncloud/core#10700
• in my own experience hosting https://github.com/mnapoli/IsItMaintained

When we read PHP 5.6 migration guide we read:

always_populate_raw_post_data will now generate an E_DEPRECATED error when enabled.

It seems that it's simple: to not get the deprecation, you need to disable this in php.ini.

i just find it stupid that PHP 5.6 ships with a config that makes it throw deprecation warnings automatically…

[mnapoli]

As a follow up, using ini_set() to set always_populate_raw_post_data doesn't work. We need to use php.ini.

[mnapoli]

I got some feedback from the dev that added that to PHP (http://fr.reddit.com/r/PHP/comments/2jpzzj/php_56_throws_e_deprecated_by_default_for_no/):

the default value is 0, as you can see here: http://lxr.php.net/xref/PHP_5_6/main/main.c#641

what I was referring to by -1 was the suggested default php.ini files (http://lxr.php.net/xref/PHP_5_6/php.ini-development[2] http://lxr.php.net/xref/PHP_5_6/php.ini-production).

but those lines are commented out, so even distros which use those files as-is for the default php.ini will have always_populate_raw_post_data=0

and the E_DEPRECATED message is triggered when we actually populate the $HTTP_RAW_POST_DATA

So yes, by default PHP 5.6 ships with a configuration that throws deprecated notices… The only fix is for users to add this to their php.ini:

always_populate_raw_post_data=-1

For reference, the #internals discussion: http://www.serverphorums.com/read.php?7,1048319,1048407

[diosmosis]

Do you know what triggers the error? If so, maybe we can use a custom error handler to ignore the error so at least it won't break Piwik for people who upgrade.

[mnapoli]

Some HTTP requests. It's not related to the code.

[diosmosis]

Maybe we can catch it in Piwik's error handler? I guess if PHP throws it on startup, then not so much.

[mattab]

FYI I posted new comment on the bug, it's our duty to fight for our users, won't give up so easily ;-) https://bugs.php.net/bug.php?id=66763

[bramus]

@mnapoli RE: "Some HTTP requests."

By the looks of it: requests that use a payload, instead of regular requests (which use form-urlencoded encoded data)

Works fine:

$ curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d "foo=bar" http://domain.tld/

Throws out a Deprecated warning:

$ curl -X POST -H "Content-Type: application/json" -d "{foo: bar}" http://domain.tld/

Ajax requests done using jQuery for example use a payload, and thus will trigger the warning 👎

[mattab]

users start to report this error eg. in this forum post

[bramus]

I've blogged about it at http://www.bram.us/2014/10/26/php-5-6-automatically-populating-http_raw_post_data-is-deprecated-and-will-be-removed-in-a-future-version/, in hope people will find it when they Google that error.

[mattab]

FYI added system check in #6468 to let users know about this pro-actively

[powtac]

Maybe http://3v4l.org can help to spot the version differences?

Made a quick test: http://3v4l.org/bO96q seems to change nothing.

[mnapoli]

@powtac it's a INI setting that cannot be changed in a PHP file (it's a PHP_INI_PERDIR setting: http://php.net/manual/en/ini.core.php so read this)

[powtac]

I see! Sorry.

[justincletus]

always_populate_raw_post_data PHP setting Not set to -1. for drupal 8 site report shows this error how to fix it

[ndziePatrickJoel]

Apparently it is a bug from PHP 5.6 i stop receiving this warning after switching to php 7.0.10

[mattab]

Yes upgrading to PHP7 will fix this issue automatically 👍

[EskindirA]

yup! updated to PHP7, works!

[kaushik1994]

Please use Content-Type = application/x-www-form-urlencoded To solve this issue.

[rafiqbd]

This is working for me

<IfModule mod_php5.c>
    php_value always_populate_raw_post_data -1
</IfModule>

[Javaman79]

This is working for me

<IfModule mod_php5.c>
    php_value always_populate_raw_post_data -1
</IfModule>

Thanks, this is working for me too

[Findus23]

@rafiqbd, @Javaman79
I'd strongly recommend you to upgrade from PHP 5.6 to a newer version as this bug in PHP is fixed afterwards and 5.6 doesn't get security updates by the PHP team anymore (you might get them by someone else).