FUDforum: comp.lang.php » Good code or bad code?

Home » Imported messages » comp.lang.php » Good code or bad code?

Show: Today's Messages :: Polls :: Message Navigator

Re: Good code or bad code? [message #170196 is a reply to message #170193]

Sun, 17 October 2010 18:18

Magno
Messages: 49
Registered: October 2010

Karma:

Member

On 10/17/2010 02:09 PM, Thomas 'PointedEars' Lahn wrote:
> Bullshit/FUD. $_SERVER['REQUEST_URI'] yields the HTTP request URI, e.g.
>
> http://foo.example/bar?baz
>
> for an HTTP request containing the headers
>
> GET /bar?baz HTTP/1.1
> Host: foo.example

No. It shows the URI relative to the domain root. not including the
domain name.

> [...]
>
> Use $_SERVER['SCRIPT_NAME'], since $_SERVER['PHP_SELF'] can be misused for
> code injection:
>
> <http://en.wikipedia.org/wiki/Cross-site_scripting>

That is not true.
If you think it is true, give us an example of abusing it for code
injection.

> RTFM and call phpinfo() for details on $_SERVER.

What the OP should read is.-

http://php.net/manual/en/reserved.variables.server.php
and do a print_r($_SERVER);

Report message to a moderator

[Message index]

		Good code or bad code? By: MikeB on Sun, 17 October 2010 04:20
		Re: Good code or bad code? By: Hamish Campbell on Sun, 17 October 2010 06:33
		Re: Good code or bad code? By: MikeB on Sun, 17 October 2010 13:25
		Re: Good code or bad code? By: Jerry Stuckle on Sun, 17 October 2010 12:47
		Re: Good code or bad code? By: MikeB on Sun, 17 October 2010 13:12
		Re: Good code or bad code? By: Jerry Stuckle on Sun, 17 October 2010 13:37
		Re: Good code or bad code? By: Thomas 'PointedEars' on Sun, 17 October 2010 17:09
		Re: Good code or bad code? By: Magno on Sun, 17 October 2010 18:18
		Re: Good code or bad code? By: Thomas 'PointedEars' on Sun, 17 October 2010 18:39
		Re: Good code or bad code? By: Magno on Sun, 17 October 2010 22:16
		Re: Good code or bad code? By: Thomas 'PointedEars' on Sun, 17 October 2010 23:58
		Re: Good code or bad code? By: Hamish Campbell on Mon, 18 October 2010 06:09
		Re: Good code or bad code? By: Jerry Stuckle on Mon, 18 October 2010 00:06

Previous Topic:	buffering to allow headers in code?
Next Topic:	Stats comp.lang.php (last 7 days)

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Tue Nov 26 22:20:26 GMT 2024

Total time taken to generate the page: 0.04157 seconds