Backend Development
PHP Tutorial
Handling JSON POST requests in Yii2: Configuration and Practice
Handling JSON POST requests in Yii2: Configuration and Practice
Jul 23, 2025 pm 06:45 PM
Understand the default behavior of JSON POST requests and Yii2
In web development, the front-end usually sends data to the back-end via POST requests. Common Content-Types are application/x-www-form-urlencoded and multipart/form-data. Web servers (such as Apache, Nginx) will parse these two types of request bodies by default and fill data into PHP's $_POST global variable. Therefore, the Yii2 framework also reads the POST parameter from $_POST by default.
However, when the current side uses fetch or XMLHttpRequest to send a request of Content-Type: application/json type, the JSON data in the request body is not automatically parsed by the web server and populated into the $_POST variable. This means that even if the request is successfully sent to the backend, Yii2 will get a null value because $_POST is empty when trying to get the parameter via Yii::$app->request->post('paramName').
Solution: Configure the Yii2 request resolver
In order for Yii2 to correctly parse request bodies of application/json type, you need to add the JSON parser to the yii\web\Request::$parsers property. This is usually done in your application configuration file (such as config/web.php or config/main.php).
Find the configuration of the request component in the components array and add the parsers property:
// config/web.php or config/main.php
'components' => [
'request' => [
// !!! insert a secret key in the following (if it is empty) - this is required by cookie validation
'cookieValidationKey' => 'your-secret-key', // Please replace with your key 'parsers' => [
'application/json' => 'yii\web\JsonParser',
],
// ... Other request component configuration],
// ... Other component configuration]
Through the above configuration, when Yii2 receives a request with Content-Type application/json, it will automatically use yii\web\JsonParser to parse the request body, and fill the parsed data into the internal data structure accessible by the Yii::$app->request->post() method.
Example of front-end JavaScript sending JSON request
The example code for the front-end to use the fetch API to send JSON data is as follows. Note the settings of Content-Type: application/json in headers, and the use of JSON.stringify() in body to convert JavaScript objects into JSON strings.
let csrfToken = document.querySelector("meta[name='csrf-token']").content;
let csrfParam = document.querySelector("meta[name='csrf-param']").content;
// Assume e.id and this.state.ChangeName are the data to be sent const dataToSend = {
'id': e.id,
'name': this.state.ChangeName
};
fetch("http://site.se/react/save-babysitter", {
method: "POST",
headers: {
"Content-Type": "application/json", // Key: Specify the content type as JSON
"Accept": "application/json",
// Yii2 CSRF token, ensure the security of the request [csrfParam]: csrfToken, // Use bracket syntax, because csrfParam is the variable "X-CSRF-Token": csrfToken // Compatibility considerations, usually Yii2 will check one of them},
body: JSON.stringify(dataToSend) // Convert JavaScript objects to JSON string})
.then(response => {
// Check the response status code, if not 2xx, an error is thrown if (!response.ok) {
throw new Error(`HTTP error! status: ${response.status}`);
}
return response.json(); // parse JSON response})
.then((data) => {
console.log("Success:", data);
})
.catch((error) => {
console.error("Error:", error);
});
Notes:
- CSRF token: When sending a POST request, to prevent cross-site request forgery (CSRF) attacks, Yii2 checks the CSRF token by default. The front-end needs to get the CSRF token from the page and send it as a request header or request body parameter. In the above code example, the token is sent through the csrf-param and X-CSRF-Token headers.
- Error handling: Adding response.ok checks and catch blocks to the then chain of fetch can better handle network errors and server response errors.
Backend PHP controller processing logic
After configuring JsonParser, the Yii2 request component can correctly parse the JSON request body. You can now obtain parameters in JSON data like getting normal form data through the Yii::$app->request->post() method.
<?php namespace app\controllers;
use Yii;
use yii\web\Controller;
use yii\web\Response; // Introduce Response class class ReactController extends Controller
{
// Disable CSRF verification (for demonstration only, please be cautious in production environments)
// public $enableCsrfValidation = false;
public function actionSaveBabysitter()
{
$request = Yii::$app->request;
// Set the response format to JSON
Yii::$app->response->format = Response::FORMAT_JSON;
// Get parsed JSON data // If the front-end sends {"id": 123, "name": "Test"}
$id = $request->post('id');
$name = $request->post('name');
// You can also get all POST parameters as an array // $postData = $request->post();
// In production environment, it is usually necessary to verify and process the received data if (empty($id) || empty($name)) {
Return [
'status' => 'error',
'message' => 'ID or Name cannot be empty. ',
];
}
// Suppose that data storage or other business logic is performed here // For example: $model = new Babysitter(['id' => $id, 'name' => $name]); $model->save();
// Return successful response return [
'status' => 'success',
'message' => 'Data received successfully! ',
'received_id' => $id,
'received_name' => $name,
// More processing results can be returned here];
}
}
Important tips:
- CSRF Verification: If your controller or single action has CSRF Verification enabled (Yii2 is enabled by default), make sure the front-end sends the CSRF token correctly. If the front-end cannot send the token or you are sure that CSRF protection is not required (for example, for interfaces that are only for internal API calls), you can set $enableCsrfValidation = false in the controller or disable in action via behavior configuration. But be sure to understand the security risks that disabling CSRF verification can pose.
- getRawBody(): If you need to get the original JSON string instead of parsed data, you can use the Yii::$app->request->getRawBody() method. This is useful in some scenarios where the original request body needs to be manually parsed or recorded.
- Response format: In Yii2, in order to return a response in JSON format, it is recommended to set Yii::$app->response->format = \yii\web\Response::FORMAT_JSON;, and then directly return a PHP array or object. Yii2 will automatically encode it into a JSON string.
Summarize
By configuring yii\web\JsonParser in the request component of the Yii2 application, we can easily solve the problem that the backend cannot receive application/json type POST request data. This configuration allows Yii2 to seamlessly process JSON data sent by the front-end, greatly simplifying the complexity of front-end data interaction. In actual development, in addition to correctly configuring the parser, attention should be paid to CSRF protection, data verification, and specification error handling to build robust and secure web applications.
The above is the detailed content of Handling JSON POST requests in Yii2: Configuration and Practice. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undress AI Tool
Undress images for free
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
How to use PHP to build social sharing functions PHP sharing interface integration practice
Jul 25, 2025 pm 08:51 PM
The core method of building social sharing functions in PHP is to dynamically generate sharing links that meet the requirements of each platform. 1. First get the current page or specified URL and article information; 2. Use urlencode to encode the parameters; 3. Splice and generate sharing links according to the protocols of each platform; 4. Display links on the front end for users to click and share; 5. Dynamically generate OG tags on the page to optimize sharing content display; 6. Be sure to escape user input to prevent XSS attacks. This method does not require complex authentication, has low maintenance costs, and is suitable for most content sharing needs.
How to use PHP combined with AI to achieve text error correction PHP syntax detection and optimization
Jul 25, 2025 pm 08:57 PM
To realize text error correction and syntax optimization with AI, you need to follow the following steps: 1. Select a suitable AI model or API, such as Baidu, Tencent API or open source NLP library; 2. Call the API through PHP's curl or Guzzle and process the return results; 3. Display error correction information in the application and allow users to choose whether to adopt it; 4. Use php-l and PHP_CodeSniffer for syntax detection and code optimization; 5. Continuously collect feedback and update the model or rules to improve the effect. When choosing AIAPI, focus on evaluating accuracy, response speed, price and support for PHP. Code optimization should follow PSR specifications, use cache reasonably, avoid circular queries, review code regularly, and use X
The top 10 most authoritative cryptocurrency market websites in the world (the latest version of 2025)
Jul 29, 2025 pm 12:48 PM
The top ten authoritative cryptocurrency market and data analysis platforms in 2025 are: 1. CoinMarketCap, providing comprehensive market capitalization rankings and basic market data; 2. CoinGecko, providing multi-dimensional project evaluation with independence and trust scores; 3. TradingView, having the most professional K-line charts and technical analysis tools; 4. Binance market, providing the most direct real-time data as the largest exchange; 5. Ouyi market, highlighting key derivative indicators such as position volume and capital rate; 6. Glassnode, focusing on on-chain data such as active addresses and giant whale trends; 7. Messari, providing institutional-level research reports and strict standardized data; 8. CryptoCompa
How to choose a free market website in the currency circle? The most comprehensive review in 2025
Jul 29, 2025 pm 06:36 PM
The most suitable tools for querying stablecoin markets in 2025 are: 1. Binance, with authoritative data and rich trading pairs, and integrated TradingView charts suitable for technical analysis; 2. Ouyi, with clear interface and strong functional integration, and supports one-stop operation of Web3 accounts and DeFi; 3. CoinMarketCap, with many currencies, and the stablecoin sector can view market value rankings and deans; 4. CoinGecko, with comprehensive data dimensions, provides trust scores and community activity indicators, and has a neutral position; 5. Huobi (HTX), with stable market conditions and friendly operations, suitable for mainstream asset inquiries; 6. Gate.io, with the fastest collection of new coins and niche currencies, and is the first choice for projects to explore potential; 7. Tra
What is a stablecoin? Understand stablecoins in one article!
Jul 29, 2025 pm 01:03 PM
Stablecoins are cryptocurrencies with value anchored by fiat currency or commodities, designed to solve price fluctuations such as Bitcoin. Their importance is reflected in their role as a hedging tool, a medium of trading and a bridge connecting fiat currency with the crypto world. 1. The fiat-collateralized stablecoins are fully supported by fiat currencies such as the US dollar. The advantage is that the mechanism is simple and stable. The disadvantage is that they rely on the trust of centralized institutions. They represent the projects including USDT and USDC; 2. The cryptocurrency-collateralized stablecoins are issued through over-collateralized mainstream crypto assets. The advantages are decentralization and transparency. The disadvantage is that they face liquidation risks. The representative project is DAI. 3. The algorithmic stablecoins rely on the algorithm to adjust supply and demand to maintain price stability. The advantages are that they do not need to be collateral and have high capital efficiency. The disadvantage is that the mechanism is complex and the risk is high. There have been cases of dean-anchor collapse. They are still under investigation.
Ethena treasury strategy: the rise of the third empire of stablecoin
Jul 30, 2025 pm 08:12 PM
The real use of battle royale in the dual currency system has not yet happened. Conclusion In August 2023, the MakerDAO ecological lending protocol Spark gave an annualized return of $DAI8%. Then Sun Chi entered in batches, investing a total of 230,000 $stETH, accounting for more than 15% of Spark's deposits, forcing MakerDAO to make an emergency proposal to lower the interest rate to 5%. MakerDAO's original intention was to "subsidize" the usage rate of $DAI, almost becoming Justin Sun's Solo Yield. July 2025, Ethe
Ethereum (ETH) NFT sold nearly $160 million in seven days, and lenders launched unsecured crypto loans with World ID
Jul 30, 2025 pm 10:06 PM
Table of Contents Crypto Market Panoramic Nugget Popular Token VINEVine (114.79%, Circular Market Value of US$144 million) ZORAZora (16.46%, Circular Market Value of US$290 million) NAVXNAVIProtocol (10.36%, Circular Market Value of US$35.7624 million) Alpha interprets the NFT sales on Ethereum chain in the past seven days, and CryptoPunks ranked first in the decentralized prover network Succinct launched the Succinct Foundation, which may be the token TGE
What is Binance Treehouse (TREE Coin)? Overview of the upcoming Treehouse project, analysis of token economy and future development
Jul 30, 2025 pm 10:03 PM
What is Treehouse(TREE)? How does Treehouse (TREE) work? Treehouse Products tETHDOR - Decentralized Quotation Rate GoNuts Points System Treehouse Highlights TREE Tokens and Token Economics Overview of the Third Quarter of 2025 Roadmap Development Team, Investors and Partners Treehouse Founding Team Investment Fund Partner Summary As DeFi continues to expand, the demand for fixed income products is growing, and its role is similar to the role of bonds in traditional financial markets. However, building on blockchain
