3 Allows http "POST" and "PUSH" requests with a Content-Type of
4 "application/vnd.php.serialized". This isn't used in the wild.
8 and (strtoupper($_SERVER["REQUEST_METHOD"][0]) == "P")
9 and (strtolower(trim(strtok($_SERVER["CONTENT_TYPE"], ";,(")))
10 == "application/vnd.php.serialized"))
12 #-- search for bare request body
13 if (isset($GLOBALS["HTTP_RAW_POST_DATA"])) {
14 $_POST = $GLOBALS["HTTP_RAW_POST_DATA"];
17 $f = fopen("php://input", "rb");
18 $_POST = fread($f, 1<<22);
22 #-- uncompress and decode, if something found
25 #-- strip known/supported encodings
26 $enc = trim(strtok(strtolower($_SERVER["HTTP_CONTENT_ENCODING"]), ",;"));
27 if ($enc == "deflate") {
28 $_POST = gzinflate($_POST);
30 elseif ($enc == "compress") {
31 $_POST = gzuncompress($_POST);
33 elseif ($enc == "gzip") {
34 $_POST = function_exists("gzdecode") ? gzdecode($_POST) : gzinflate(substr($_POST, 10, strlen($_POST) - 18));
36 elseif (($enc == "x-bzip2") or ($enc == "bzip2")) {
37 $_POST = function_exists("bzdecompress") ? bzdecompress($_POST) : NULL;
42 $_POST = unserialize($_POST);
46 $_REQUEST = array_merge($_REQUEST, $_POST);