Sysadmins of the North
Don't forget to share this post!

Always_populate_raw_post_data setting in PHP 5.6 & Magento 2.0

Does Magento 2 throw an error about always_populate_raw_post_data being set to 0? And are you having problems installing or updating Magento with PHP 5.6 and PHP 7? Then read on, because here is how to fix upgrades to Magento 2.0 in PHP 5.6 and higher: PHP 7+.

PHP always_populate_raw_post_data ($HTTP_RAW_POST_DATA) & Magento 2.0

Magento 2.0 requires PHP’s always_populate_raw_post_data to be disabled, or set to -1 in your php.ini file. Since PHP 5.6, the use of $HTTP_RAW_POST_DATA is deprecated and will be removed in PHP 7.0.

However, in PHP 5.6, this setting is commented out, making it equal to 0, not -1. And this causes errors when you try to install, or update, Magento 2.0 using PHP 5.6 or PHP 7.

The PHP always_populate_raw_post_data setting will let PHP always populate the $HTTP_RAW_POST_DATA containing the raw POST data, if set to true (1). Otherwise, the variable is populated only when the MIME type of the data is unrecognized.

Protip: learn how to validate MIME types with PHP Fileinfo!

Magento 2.0 PHP Settings Check

And this is where Magento goes wrong… Well, in my opinion Magento goes wrong by quitting the installer. The error should only be thrown when both display_errors and display_startup_errors are enabled in your PHP configuration. On my production servers, they’re disabled.

This may interest you:   Monitor Windows services with PowerShell

Unfortunately Magento 2.0‘s PHP settings check still complains, and throws the following error message:

Your PHP Version is 5.6.15, but always_populate_raw_post_data = 0. $HTTP_RAW_POST_DATA is deprecated from PHP 5.6 onwards and will be removed in PHP 7.0. This will stop the installer from running. Please open your php.ini file and set always_populate_raw_post_data to -1. If you need more help please call your hosting provider.

PHP Settings Check, the quick fix for Magento

Here is how you can quickly fix Magento’s always_populate_raw_post_data = 0 error with PHP 5.6/7.0:

  • upload a user defined ini-file, or a .user.ini file, to your website’s root folder. It has to contain the following setting:
always_populate_raw_post_data = -1

This will set the always_populate_raw_post_data value to how it is supposed to be: -1. For your Magento website only.

The directive is a PHP_INI_PERDIR and PHP_INI_ALL setting, meaning you can set it anywhere. If you are a server administrator, make the change to your php.ini file; automatically populating $HTTP_RAW_POST_DATA is removed in PHP 7.0.0 and deprecated in PHP 5.6.

Protip: when you go through your PHP configuration, fix & set correct values for curl.cainfo and openssl.cafile too! Stop turning off CURLOPT_SSL_VERIFYPEER.

If set to TRUE, PHP will always populate the $HTTP_RAW_POST_DATA containing the raw POST data. Otherwise, the variable is populated only when the MIME type of the data is unrecognised.

The preferred method for accessing raw POST data is php://input, and $HTTP_RAW_POST_DATA is deprecated in PHP 5.6.0 onwards. Setting always_populate_raw_post_data to -1 will opt into the new behaviour that will be implemented in a future version of PHP, in which $HTTP_RAW_POST_DATA is never defined.

Regardless of the setting, $HTTP_RAW_POST_DATA is not available with enctype=”multipart/form-data”.

HTH 🙂

This may interest you:   Multiple IIS 6.0/7.5 Vulnerabilities

buy me a coffee
Buy Me A Coffee

About the Author Jan Reilink

My name is Jan. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing my daily thing at Vevida in the Netherlands. With over 15 years of experience, my specialties include Windows Server, IIS, Linux (CentOS, Debian), security, PHP, WordPress, websites & optimization. Want to support me and donate? Use this link: https://paypal.me/jreilink.

follow me on:

Leave a Comment:

14 comments
Add Your Reply
Skip to content