What exactly does this PHP code do?
Question
Alright, my friend gave me this code for requesting headers and comparing them to what the header should be. It works perfectly, but I'm not sure why. Here is the code:
$headers = apache_request_headers();
$customheader = "Header: 7ddb6ffab28bb675215a7d6e31cfc759";
foreach ($headers as $header => $value) { // 1
$custom .= "$header: $value"; // 2
}
$mystring = $custom; // 3
$findme = $customheader; // 4
$pos = strpos($mystring, $findme);
if ($pos !== false) {
// Do something
} else{ exit(); } //If it doesn't match, exit.
I commented with some numbers relating to the following questions:
What exactly is happening here? Is it setting the $headers as $header AND $value?
Again, don't have any idea what is going on here.
Why set the variable to a different variable? This is the only area where the variable is getting used, so is there a reason to set it to something else?
Same question as 3.
I'm sorry if this is a terrible question, but its been bothering me, and I really want to know WHY it works. Well, I understand why it works, I guess I just want to know more specifically. Thanks for any insight you can provide.
Solution
$headers = apache_request_headers();
Gets the header array.
$customheader = "Header: 7ddb6ffab28bb675215a7d6e31cfc759";
Defined a "customheader" it will search for.
foreach ($headers as $header => $value) { // 1
$custom .= "$header: $value"; // 2
}
Loop through and create a $custom
variable to hold the expanded $key=>$value
header.
$mystring = $custom; // 3
$findme = $customheader; // 4
$pos = strpos($mystring, $findme);
Look for the $customheader
in the expanded string.
if ($pos !== false) {
// Do something
} else{ exit(); } //If it doesn't match, exit.
There really isn't a need for the reassignment of variables. In essence it's taking the array of headers and turning it into one big string which it then searches through to see if the $customheader
text exists.
OTHER TIPS
- It's iterating over $headers, assigning the key of each element to $header and the value to $value. So, inside the block, we get the name of the header and its value in separate variables.
- On this step we concatenate all headers in a single string using the dot operator. Essentially, we're converting the headers from an array into a string.
- Unless these variables are used elsewhere, there's no reason for reassignment.
disclaimer: I'm a ruby person, so please correct me if I'm wrong.
apache_request_headers() returns an associative array of all the HTTP
headers in the current request and returns false
if it fails. So its good to check the return value as:
$headers = apache_request_headers();
if(! $headers) {
die("Error fetching headers");
}
1: You are iterating your the associative array you got.
2: form a string of glued key value pairs in the array, with the key and value separated by a colon.
3 and 4 are just assigning one variable to another. You could have directly used: $pos = strpos($custom, $customheader);
in place of steps 3 and 4. strpos
returns false
if it cannot find your $customheader
in $custom
else it returns the found position.
Overall this snippet checks if your custom header is present in the headers returned by apache_request_headers
.