Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
Hi there,
I came across two ways to accept input on a POST endpoint for a REST API that I'm building.
'users' => '[ {"name": "xyz"}, {"name": "abc"}, {"name": "def", "posts": [1, 2, 3, 4]} ]'
'users[0]['name']' => 'xyz',
'users[1]['name']' => 'abc',
'users[2]['name']' => 'def',
'users[2]['posts']' => [1, 2, 3, 4],
Number 1 is harder to validate on the server-side.
Can any one please list some of the benefits and drawbacks of each approach? Which is the prefered standard?
Thanks !
I would prefer the first approach, as the JSON format is becoming the defacto standard for passing data between systems.
Not sure though why you think it's harder to validate? If you grab the input and call json_decode($input), you will get a proper PHP array to work with.
example:
public function show(Illuminate\Http\Request $request)
{
$data = json_decode($request->all());
}
@mass6 not really. json_decode($request->all());would crash. But the value against the users parameter would be a JSON string, which will have to be decoded.
The difference is between sending a JSON string against a POST body parameter or sending the entire body as a JSON object (with a application/json content-type header, probably what you're referring to as the "defacto standard").
Please or to participate in this conversation.