Home  »  ArticlesGuidesProgrammingTechnology   »   You can Detect the HTTP Request Method Using PHP by Doing This

You can Detect the HTTP Request Method Using PHP by Doing This

This is another beginner PHP article this time focusing on how to detect the HTTP request method. If you are a more competent developer then you might want to jump onto another article. How about this one on how to get both GET and POST methods in one request.

Why the Interest in Detecting the HTTP Request Method

Back to the point of this guide. The most compelling answer to this is, it is all about security. We know there is more than one request method when web browsers respond to servers. You, the developer may want to restrict your processes to certain response types.

These are also important when building code such as REST APIs.

A simple example would be to receive passwords from an HTML form via the POST method only. To be able to handle this feature you need to know how to detect the correct HTTP request method.

The simple solution is to check the request method using:

$_SERVER['REQUEST_METHOD']

A simple use case would look something like this:

if ( $_SERVER['REQUEST_METHOD'] === 'POST' ) {
     // Do something because the request method is POST
 }
 else {
    // Abort whatever
 }

The above method does not bode well from a security standpoint. The input here has not been validated nor sanitized. One way to fix this is to use the built-in filter_input PHP function. The above code would look something like this now:

$request_method = filter_input(INPUT_SERVER, 'REQUEST_METHOD', FILTER_SANITIZE_ENCODED);

if ( $request_method === 'POST' ) {
// Do something because the request method is POST
}
else {
// Abort whatever
}

If you want to test and handle different request methods differently, a more elegant way would be to use the PHP built-in switch statement. Here is a good example to start with. It also shows the supported HTTP request methods:

$request_method = $_SERVER['REQUEST_METHOD'];

switch ($request_method) {
  case 'GET':
    //Handle GET Request here
    break;
  case 'POST':
    //Here Handle POST Request here 
    break;
  case 'PUT':
    // Handle PUT Request here 
    break;
  case 'PATCH':
    // Handle PATCH Request here 
    break;
  case 'DELETE':
    //Here Handle DELETE Request
    echo 'You are using '.$method.' Method';
    break;
  case 'COPY':
      // Handle COPY Request here
      echo 'You are using '.$method.' Method';
      break;

  case 'OPTIONS':
      // Handle OPTIONS Request 
      break;
  case 'LINK':
      // Handle LINK Request here 
      break;
  case 'UNLINK':
      // Handle UNLINK Request here 
      break;
  case 'PURGE':
      //Here Handle PURGE Request here 
      break;
  case 'LOCK':
      // Handle LOCK Request here 
      break;
  case 'UNLOCK':
      //Here Handle UNLOCK Request here 
      break;
  case 'PROPFIND':
      // Handle PROPFIND Request here 
      break;
  case 'VIEW':
      //Here Handle VIEW Request 
      break;
  Default:
    // Handle default behavior
  break;
}

That’s it. There is not much to this but with these simple tips, you are now on your way to handling better code in terms of readability and security. Furthermore, you are now past the first hurdle to building your very own REST API.

Found this article interesting? Follow Brightwhiz on Facebook, Twitter, and YouTube to read and watch more content we post.