server-http-logger

Universal HTTP request receiver & logger written in pure PHP

server-http-logger is a lightweight, zero-dependency PHP endpoint that captures and logs everything about incoming HTTP requests. Making it ideal for debugging, webhook inspection, API testing, reverse proxy diagnostics, and security analysis.

Each request is stored in its own unique, timestamped directory, ensuring clean separation and easy inspection.

---

Features

• Captures GET parameters
• Captures POST form data
• Captures raw request body
• Automatically detects and parses JSON payloads
• Captures HTTP headers
• Captures cookies
• Captures server & environment variables
• Handles single and multiple file uploads
• Stores each request in an isolated directory
• High-precision timestamps (microseconds)
• No database required
• No framework required
• Pure PHP (works on shared hosting)

---

Directory Structure

Each request is saved under:

uploads/
└── YYYY-MM-DD/
    └── HH-MM-SS.micro_RANDOMID/
        ├── meta.json
        ├── headers.json
        ├── get.json
        ├── post.json
        ├── cookies.json
        ├── server.json
        ├── raw_body.bin
        ├── json_body.json
        └── files/
            ├── file_1_example.png
            └── file_2_document.pdf

---

Logged Files Explained

File	Description
meta.json	Request metadata (timestamp, method, IP, URI, content type, etc.)
headers.json	All HTTP request headers
get.json	Query string parameters
post.json	POST form fields
cookies.json	Cookies sent by the client
server.json	Full $_SERVER environment dump
raw_body.bin	Raw request body (binary safe)
json_body.json	Parsed JSON body (only if valid JSON)
files/	Uploaded files (supports multiple uploads)

---

Installation

1. Clone or download the repository:

git clone https://github.com/BaseMax/server-http-logger.git

2. Upload the project to your server.

3. Ensure the uploads directory is writable:

chmod -R 0777 uploads

4. Point your web server to index.php.

That’s it — no additional configuration required.

---

Usage Examples

Simple GET request

curl "https://your-domain.com/index.php?foo=bar&x=123"

POST form data

curl -X POST https://your-domain.com/index.php \
  -d "username=test&password=secret"

JSON API request

curl -X POST https://your-domain.com/index.php \
  -H "Content-Type: application/json" \
  -d '{"event":"payment","amount":100}'

File upload

curl -X POST https://your-domain.com/index.php \
  -F "file=@example.png"

---

Response Example

{
  "status": "ok",
  "saved_to": "/path/to/uploads/2025-12-22/14-33-21.123456_ab12cd34",
  "timestamp": "2025-12-22T14:33:21+00:00"
}

---

Use Cases

• Webhook debugging (Stripe, PayPal, GitHub, Telegram, etc.)
• Inspecting third-party API callbacks
• Reverse proxy testing
• Mobile app request inspection
• Security research and request forensics
• Development and QA environments

---

Security Notes

• This tool logs everything.
• Do not expose it publicly in production without access controls.
• Protect the endpoint using IP restrictions, authentication, or firewall rules if needed.
• Stored data may contain sensitive information.

---

Requirements

• PHP 7.2 or higher
• Writable filesystem
• No extensions required beyond standard PHP

---

License

This project is licensed under the MIT License.

Seyyed Ali Mohammadiyeh (Max Base)

You are free to use, modify, and distribute it.