The request is defined by HTTP method and HTTP data. HTTP data can be send in the form of URL path: in that case there is usually a tool that transforms the path into HTTP GET variables equivalent. PHP server conveniently parses the data into $_GET and $_POST superglobal arrays. The values can be only of type string, null (no value) or array of these values (if the name contains square brackets). The data consists of request identifier and request parameters. The identifier is a single variable or a function that transforms multivariable identifier to single variable. This is the key for validation metadata table, i.e.
Then we perform consistency check (if needed), which is driven by similar table, but values are functions with set of assert() calls, redirecting the phase to error handler if something is not consistent. In this phase, calling external service like database is oftentimes needed.
If the request is valid and consistent, we perform data transaction: reading or writing data the request desires.
Then the workflow process depends on endpoint type:
Error handlers can process the error in a general way (logging, producing 4xx, 5xx error page), redirect to fallback endpoint or halt any response in case of attack.
In the final step we will outline the Flash Reporter and the Page Container.