Add request_parse_body() function

RFC: https://wiki.php.net/rfc/rfc1867-non-post

This function allows populating the $_POST and $_FILES globals for non-post
requests. This avoids manual parsing of RFC1867 requests.

Fixes #55815
Closes phpGH-11472

Author: iluuu1994

UPGRADING

@@ -143,6 +143,11 @@ PHP 8.4 UPGRADE NOTES
 2. New Features
 ========================================
 
+- Core:
+  . Added request_parse_body() function that allows parsing RFC1867 (multipart)
+    requests in non-POST HTTP requests.
+    RFC: https://wiki.php.net/rfc/rfc1867-non-post
+
 - Date:
   . Added static methods
     DateTime[Immutable]::createFromTimestamp(int|float $timestamp): static.

Zend/Optimizer/zend_func_infos.h

@@ -599,6 +599,7 @@ static const func_info_t func_infos[] = {
 	F1("fsockopen", MAY_BE_RESOURCE|MAY_BE_FALSE),
 	FN("pfsockopen", MAY_BE_RESOURCE|MAY_BE_FALSE),
 	F1("http_build_query", MAY_BE_STRING),
+	F1("request_parse_body", MAY_BE_ARRAY|MAY_BE_ARRAY_KEY_LONG|MAY_BE_ARRAY_OF_ARRAY),
 	F1("image_type_to_mime_type", MAY_BE_STRING),
 	F1("image_type_to_extension", MAY_BE_STRING|MAY_BE_FALSE),
 	F1("getimagesize", MAY_BE_ARRAY|MAY_BE_ARRAY_KEY_LONG|MAY_BE_ARRAY_KEY_STRING|MAY_BE_ARRAY_OF_LONG|MAY_BE_ARRAY_OF_STRING|MAY_BE_FALSE),

Zend/tests/request_parse_body/invalid_boundary.phpt

@@ -0,0 +1,25 @@
+--TEST--
+request_parse_body() with multipart and invalid boundary
+--ENV--
+REQUEST_METHOD=PUT
+--POST_RAW--
+Content-Type: multipart/form-data; boundary="foobar
+empty
+--FILE--
+<?php
+
+try {
+    [$_POST, $_FILES] = request_parse_body();
+} catch (Throwable $e) {
+    echo get_class($e), ': ', $e->getMessage(), "\n";
+}
+
+var_dump($_POST, $_FILES);
+
+?>
+--EXPECT--
+RequestParseBodyException: Invalid boundary in multipart/form-data POST data
+array(0) {
+}
+array(0) {
+}

Zend/tests/request_parse_body/multipart.phpt

@@ -0,0 +1,56 @@
+--TEST--
+request_parse_body() with multipart
+--ENV--
+REQUEST_METHOD=PUT
+--POST_RAW--
+Content-Type: multipart/form-data; boundary=---------------------------84000087610663814162942123332
+-----------------------------84000087610663814162942123332
+Content-Disposition: form-data; name="post_field_name"
+
+post field data
+-----------------------------84000087610663814162942123332
+Content-Disposition: form-data; name="file_name"; filename="original_file_name.txt"
+Content-Type: text/plain
+
+file data
+-----------------------------84000087610663814162942123332--
+--FILE--
+<?php
+
+[$_POST, $_FILES] = request_parse_body();
+
+var_dump($_POST, $_FILES);
+
+$file_path = __DIR__ . '/put_multipart_uploaded_file.txt';
+move_uploaded_file($_FILES['file_name']['tmp_name'], $file_path);
+var_dump(file_get_contents($file_path));
+
+?>
+--CLEAN--
+<?php
+$file_path = __DIR__ . '/put_multipart_uploaded_file.txt';
+@unlink($file_path);
+?>
+--EXPECTF--
+array(1) {
+  ["post_field_name"]=>
+  string(15) "post field data"
+}
+array(1) {
+  ["file_name"]=>
+  array(6) {
+    ["name"]=>
+    string(22) "original_file_name.txt"
+    ["full_path"]=>
+    string(22) "original_file_name.txt"
+    ["type"]=>
+    string(10) "text/plain"
+    ["tmp_name"]=>
+    string(%d) "%s"
+    ["error"]=>
+    int(0)
+    ["size"]=>
+    int(9)
+  }
+}
+string(9) "file data"

Zend/tests/request_parse_body/multipart_garbled.phpt

@@ -0,0 +1,32 @@
+--TEST--
+request_parse_body() with multipart and garbled field
+--INI--
+max_file_uploads=1
+--ENV--
+REQUEST_METHOD=PUT
+--POST_RAW--
+Content-Type: multipart/form-data; boundary=---------------------------84000087610663814162942123332
+-----------------------------84000087610663814162942123332
+Content-Disposition: form-data;
+Content-Type: text/plain
+
+post field data
+-----------------------------84000087610663814162942123332--
+--FILE--
+<?php
+
+try {
+    [$_POST, $_FILES] = request_parse_body();
+} catch (Throwable $e) {
+    echo get_class($e), ': ', $e->getMessage(), "\n";
+}
+
+var_dump($_POST, $_FILES);
+
+?>
+--EXPECT--
+RequestParseBodyException: File Upload Mime headers garbled
+array(0) {
+}
+array(0) {
+}

Zend/tests/request_parse_body/multipart_max_files.phpt

@@ -0,0 +1,37 @@
+--TEST--
+request_parse_body() with multipart and exceeding max files
+--INI--
+max_file_uploads=1
+--ENV--
+REQUEST_METHOD=PUT
+--POST_RAW--
+Content-Type: multipart/form-data; boundary=---------------------------84000087610663814162942123332
+-----------------------------84000087610663814162942123332
+Content-Disposition: form-data; name="file1"; filename="file1.txt"
+Content-Type: text/plain
+
+file data
+-----------------------------84000087610663814162942123332
+Content-Disposition: form-data; name="file2"; filename="file2.txt"
+Content-Type: text/plain
+
+file data
+-----------------------------84000087610663814162942123332--
+--FILE--
+<?php
+
+try {
+    [$_POST, $_FILES] = request_parse_body();
+} catch (Throwable $e) {
+    echo get_class($e), ': ', $e->getMessage(), "\n";
+}
+
+var_dump($_POST, $_FILES);
+
+?>
+--EXPECT--
+RequestParseBodyException: Maximum number of allowable file uploads has been exceeded
+array(0) {
+}
+array(0) {
+}

Zend/tests/request_parse_body/multipart_max_input_vars.phpt

@@ -0,0 +1,35 @@
+--TEST--
+request_parse_body() with multipart and exceeding max input vars
+--INI--
+max_input_vars=1
+--ENV--
+REQUEST_METHOD=PUT
+--POST_RAW--
+Content-Type: multipart/form-data; boundary=---------------------------84000087610663814162942123332
+-----------------------------84000087610663814162942123332
+Content-Disposition: form-data; name="field1"
+
+post field data
+-----------------------------84000087610663814162942123332
+Content-Disposition: form-data; name="field2"
+
+post field data
+-----------------------------84000087610663814162942123332--
+--FILE--
+<?php
+
+try {
+    [$_POST, $_FILES] = request_parse_body();
+} catch (Throwable $e) {
+    echo get_class($e), ': ', $e->getMessage(), "\n";
+}
+
+var_dump($_POST, $_FILES);
+
+?>
+--EXPECT--
+RequestParseBodyException: Input variables exceeded 1. To increase the limit change max_input_vars in php.ini.
+array(0) {
+}
+array(0) {
+}

Zend/tests/request_parse_body/multipart_max_parts.phpt

@@ -0,0 +1,36 @@
+--TEST--
+request_parse_body() with multipart and exceeding max parts
+--INI--
+max_multipart_body_parts=1
+--ENV--
+REQUEST_METHOD=PUT
+--POST_RAW--
+Content-Type: multipart/form-data; boundary=---------------------------84000087610663814162942123332
+-----------------------------84000087610663814162942123332
+Content-Disposition: form-data; name="post_field_name"
+
+post field data
+-----------------------------84000087610663814162942123332
+Content-Disposition: form-data; name="file_name"; filename="original_file_name.txt"
+Content-Type: text/plain
+
+file data
+-----------------------------84000087610663814162942123332--
+--FILE--
+<?php
+
+try {
+    [$_POST, $_FILES] = request_parse_body();
+} catch (Throwable $e) {
+    echo get_class($e), ': ', $e->getMessage(), "\n";
+}
+
+var_dump($_POST, $_FILES);
+
+?>
+--EXPECT--
+RequestParseBodyException: Multipart body parts limit exceeded 1. To increase the limit change max_multipart_body_parts in php.ini.
+array(0) {
+}
+array(0) {
+}

Zend/tests/request_parse_body/multipart_missing_boundary.phpt

@@ -0,0 +1,27 @@
+--TEST--
+request_parse_body() with multipart and missing boundary
+--ENV--
+REQUEST_METHOD=PUT
+--POST_RAW--
+Content-Type: multipart/form-data
+empty
+--FILE--
+<?php
+
+$stream = fopen('php://memory','r+');
+
+try {
+    [$_POST, $_FILES] = request_parse_body();
+} catch (Throwable $e) {
+    echo get_class($e), ': ', $e->getMessage(), "\n";
+}
+
+var_dump($_POST, $_FILES);
+
+?>
+--EXPECT--
+RequestParseBodyException: Missing boundary in multipart/form-data POST data
+array(0) {
+}
+array(0) {
+}

Zend/tests/request_parse_body/multipart_options_invalid_key.phpt

@@ -0,0 +1,21 @@
+--TEST--
+request_parse_body() invalid key
+--FILE--
+<?php
+
+try {
+    request_parse_body(options: ['foo' => 1]);
+} catch (Error $e) {
+    echo get_class($e), ': ', $e->getMessage(), "\n";
+}
+
+try {
+    request_parse_body(options: [42 => 1]);
+} catch (Error $e) {
+    echo get_class($e), ': ', $e->getMessage(), "\n";
+}
+
+?>
+--EXPECT--
+ValueError: Invalid key "foo" in $options argument
+ValueError: Invalid integer key in $options argument

Zend/tests/request_parse_body/multipart_options_invalid_quantity.phpt

@@ -0,0 +1,17 @@
+--TEST--
+request_parse_body() invalid quantity
+--FILE--
+<?php
+
+try {
+    request_parse_body(options: [
+        'upload_max_filesize' => '1GB',
+    ]);
+} catch (Throwable $e) {
+    echo get_class($e), ': ', $e->getMessage(), "\n";
+}
+
+?>
+--EXPECTF--
+Warning: Invalid quantity "1GB": unknown multiplier "B", interpreting as "1" for backwards compatibility in %s on line %d
+RequestParseBodyException: Request does not provide a content type

Zend/tests/request_parse_body/multipart_options_invalid_value_type.phpt

@@ -0,0 +1,16 @@
+--TEST--
+request_parse_body() invalid value type
+--FILE--
+<?php
+
+try {
+    request_parse_body(options: [
+        'max_input_vars' => [],
+    ]);
+} catch (Error $e) {
+    echo get_class($e), ': ', $e->getMessage(), "\n";
+}
+
+?>
+--EXPECT--
+ValueError: Invalid array value in $options argument

Zend/tests/request_parse_body/multipart_options_max_files.phpt

@@ -0,0 +1,39 @@
+--TEST--
+request_parse_body() max_file_uploads option
+--INI--
+max_file_uploads=10
+--ENV--
+REQUEST_METHOD=PUT
+--POST_RAW--
+Content-Type: multipart/form-data; boundary=---------------------------84000087610663814162942123332
+-----------------------------84000087610663814162942123332
+Content-Disposition: form-data; name="file1"; filename="file1.txt"
+Content-Type: text/plain
+
+file data
+-----------------------------84000087610663814162942123332
+Content-Disposition: form-data; name="file2"; filename="file2.txt"
+Content-Type: text/plain
+
+file data
+-----------------------------84000087610663814162942123332--
+--FILE--
+<?php
+
+try {
+    [$_POST, $_FILES] = request_parse_body([
+        'max_file_uploads' => 1,
+    ]);
+} catch (Throwable $e) {
+    echo get_class($e), ': ', $e->getMessage(), "\n";
+}
+
+var_dump($_POST, $_FILES);
+
+?>
+--EXPECT--
+RequestParseBodyException: Maximum number of allowable file uploads has been exceeded
+array(0) {
+}
+array(0) {
+}