PHP Conference Nagoya 2025

apache_request_headers

(PHP 4 >= 4.3.0, PHP 5, PHP 7, PHP 8)

apache_request_headers获取全部 HTTP 请求 header

说明

apache_request_headers(): array

获取当前请求的所有请求 header。可在 Apache、FastCGI、CLI、FPM 模式下运行。

参数

此函数没有参数。

返回值

当前请求中所有 HTTP header 的关联数组。

更新日志

版本 说明
7.3.0 此函数可用于 FPM SAPI 模式。

示例

示例 #1 apache_request_headers() 示例

<?php
$headers
= apache_request_headers();

foreach (
$headers as $header => $value) {
echo
"$header: $value <br />\n";
}
?>

以上示例的输出类似于:

Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0
Host: www.example.com
Connection: Keep-Alive

注释

注意:

你也可以试图从环境变量中读取普通CGI变量,PHP以Apache模块方式运行时有可能无法获得。使用phpinfo()获得可读取的变量列表。 环境变量.

参见

添加备注

用户贡献的备注 5 notes

up
12
Tel
5 years ago
Although we expect to see headers in mixed case, the standard RFC2616 demands that "field names are case-insensitive". PHP delivers the headers exactly untouched in whatever way the client sent them. Potentially you should expect to get any type of uppercase or lowercase or mixed.

Thus, if you want to be standards compliant, you must loop through every key and check it in a case-insensitive manner, instead of doing the obvious thing and using the name of the header as an array index.
up
10
limalopex.eisfux.de
18 years ago
I didn't found a replacement for apache_request_headers() in PHP::Compat (http://pear.php.net/package/PHP_Compat) so I wrote my own:

<?php
if( !function_exists('apache_request_headers') ) {
///
function apache_request_headers() {
$arh = array();
$rx_http = '/\AHTTP_/';
foreach(
$_SERVER as $key => $val) {
if(
preg_match($rx_http, $key) ) {
$arh_key = preg_replace($rx_http, '', $key);
$rx_matches = array();
// do some nasty string manipulations to restore the original letter case
// this should work in most cases
$rx_matches = explode('_', $arh_key);
if(
count($rx_matches) > 0 and strlen($arh_key) > 2 ) {
foreach(
$rx_matches as $ak_key => $ak_val) $rx_matches[$ak_key] = ucfirst($ak_val);
$arh_key = implode('-', $rx_matches);
}
$arh[$arh_key] = $val;
}
}
return(
$arh );
}
///
}
///
?>
up
8
callum85 at notspam dot msn dot com
17 years ago
There is a simple way to get request headers from Apache even on PHP running as a CGI. As far as I know, it's the only way to get the headers "If-Modified-Since" and "If-None-Match" when apache_request_headers() isn't available. You need mod_rewrite, which most web hosts seem to have enabled. Put this in an .htacess file in your web root:

RewriteEngine on
RewriteRule .* - [E=HTTP_IF_MODIFIED_SINCE:%{HTTP:If-Modified-Since}]
RewriteRule .* - [E=HTTP_IF_NONE_MATCH:%{HTTP:If-None-Match}]

The headers are then available in PHP as
<?php
$_SERVER
['HTTP_IF_MODIFIED_SINCE'];
$_SERVER['HTTP_IF_NONE_MATCH'];
?>

I've tested this on PHP/5.1.6, on both Apache/2.2.3/Win32 and Apache/2.0.54/Unix, and it works perfectly.

Note: if you use RewriteRules already for clean URLs, you need to put the above rules AFTER your existing ones.
up
5
egocentryk
9 years ago
Superglobal $_SERVER, used in all patches for missing getallheaders() contains only truly basic headers. To pass ANY header into PHP in any httpd environment, including CGI/FCGI just add rule (any number of rules) into .htaccess:

RewriteRule .* - [E=HTTP_MY_HEADER:%{HTTP:My-Header}]

and the header with it's value will appear for PHP as
<?php print $_SERVER['HTTP_MY_HEADER']; ?>

And... just couldn't hold off. Rewrtiting $_SERVER keys for replacing missing function really does not require RegExps, preg_matches or evals... Try this:
<?php
function getallheaders() {
foreach(
$_SERVER as $K=>$V){$a=explode('_' ,$K);
if(
array_shift($a)=='HTTP'){
array_walk($a,function(&$v){$v=ucfirst(strtolower($v));});
$retval[join('-',$a)]=$V;}
} return
$retval; }
?>
up
1
gilles at sdv dot fr
1 year ago
The function apache_request_headers, doesn't exist in FCGI PHP-FPM

Use this patch : https://gist.github.com/rmpel/11583cfddfcc9705578428e3a2ee3dc1

<?php
// Drop-in replacement for apache_request_headers() when it's not available

if ( ! function_exists( 'apache_request_headers' ) ) {
function
apache_request_headers() {
static
$arrHttpHeaders;
if ( !
$arrHttpHeaders ) {

// Based on: http://www.iana.org/assignments/message-headers/message-headers.xml#perm-headers
$arrCasedHeaders = array(
// HTTP
'Dasl' => 'DASL',
'Dav' => 'DAV',
'Etag' => 'ETag',
'Mime-Version' => 'MIME-Version',
'Slug' => 'SLUG',
'Te' => 'TE',
'Www-Authenticate' => 'WWW-Authenticate',
// MIME
'Content-Md5' => 'Content-MD5',
'Content-Id' => 'Content-ID',
'Content-Features' => 'Content-features',
);
$arrHttpHeaders = array();

foreach (
$_SERVER as $strKey => $mixValue ) {
if (
'HTTP_' !== substr( $strKey, 0, 5 ) ) {
continue;
}

$strHeaderKey = strtolower( substr( $strKey, 5 ) );

if (
0 < substr_count( $strHeaderKey, '_' ) ) {
$arrHeaderKey = explode( '_', $strHeaderKey );
$arrHeaderKey = array_map( 'ucfirst', $arrHeaderKey );
$strHeaderKey = implode( '-', $arrHeaderKey );
} else {
$strHeaderKey = ucfirst( $strHeaderKey );
}

if (
array_key_exists( $strHeaderKey, $arrCasedHeaders ) ) {
$strHeaderKey = $arrCasedHeaders[ $strHeaderKey ];
}

$arrHttpHeaders[ $strHeaderKey ] = $mixValue;
}

/** in case you need authorization and your hosting provider has not fixed this for you:
* VHOST-Config:
* FastCgiExternalServer line needs -pass-header Authorization
*
* .htaccess or VHOST-config file needs:
* SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
* to add the Authorization header to the environment for further processing
*/
if ( ! empty( $arrHttpHeaders['Authorization'] ) ) {
// in case of Authorization, but the values not propagated properly, do so :)
if ( ! isset( $_SERVER['PHP_AUTH_USER'] ) ) {
list(
$_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'] ) = explode( ':', base64_decode( substr( $_SERVER['HTTP_AUTHORIZATION'], 6 ) ) );
}
}
}

return
$arrHttpHeaders;
}

// execute now so other scripts have little chance to taint the information in $_SERVER
// the data is cached, so multiple retrievals of the headers will not cause further impact on performance.
apache_request_headers();
}
To Top