FUDforum: comp.lang.php » When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script?

Home » Imported messages » comp.lang.php » When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script?

Show: Today's Messages :: Polls :: Message Navigator

Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? [message #179834 is a reply to message #179832]

Tue, 11 December 2012 13:28

Scott Johnson
Messages: 196
Registered: January 2012

Karma:

Senior Member

On 12/11/2012 2:53 AM, Tony Marston wrote:
> I always understood than when activated through a web browser that
> $_SERVER['SERVER_NAME'] and $_SERVER['HTTP_HOST'] identified the domain
> name under which the script was being run, but I have come across some
> instances where both SERVER_NAME and HTTP_HOST appear to be spoofed, and
> I wondered if this is legitimate or not.
>
> I have an application which exists on a live server and a test server,
> with a different database for each, and they both share a common config
> file which identifies which server it is running on so that it can use
> the relevant database credentials. If the server name does not match
> either of the live or test domain names (such as mydomain.com and
> test.mydomain.com) then it uses invalid credentials which causes an
> error when attempting to access the database. I never though that this
> error would ever appear, but lately I have been getting errors such as
> the following:
>
> Fatal Error: mysqli_connect(): Access denied for user
> 'default'@'localhost' (using password: YES).
> Error in line 259 of file
> '/var/www/vhosts/mydomain.com/httpdocs/transix/includes/dml.mysqli.class.in c'.
>
> PHP_SELF: /index.php
> CURRENT DIRECTORY: /var/www/vhosts/mydomain.com/httpdocs
> SERVER_ADDR: nnn.nnn.nnn.nnn
> SERVER_NAME: www.yahoo.com
> HTTP_HOST: www.yahoo.com
> REMOTE_ADDR: 109.108.142.236
> REQUEST_URI: http://www.yahoo.com/
>
> In order to run this script on my live server the URL should have been
> www.mydomain.com but here you can see it reported as www.yahoo.com. How
> is this possible?
>
> Tony Marston
>
> http://www.tonymarston.net
> http://www.radicore.org

Not an expert but it sounds that maybe your server/PHP engine is not
configured properly.

I know REQUEST_URI should NOT be counted on.

Who is your host provider?

You may try phpinfo() to get the full list of data/variables set by your
server. Some here may ask for that info to help you further.

Scotty

Report message to a moderator

[Message index]

		When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: Tony Marston on Tue, 11 December 2012 10:53
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: Scott Johnson on Tue, 11 December 2012 13:28
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: Paul Herber on Tue, 11 December 2012 14:01
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: Tony Marston on Wed, 12 December 2012 13:05
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: Tony Marston on Wed, 12 December 2012 07:25
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: Scott Johnson on Wed, 12 December 2012 13:27
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: Tony Marston on Wed, 12 December 2012 17:22
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: Daniel Pitts on Wed, 12 December 2012 18:50
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: The Natural Philosoph on Wed, 12 December 2012 19:34
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: Tony Marston on Thu, 13 December 2012 06:52
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: Anders Wegge Keller on Thu, 13 December 2012 07:02
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: The Natural Philosoph on Thu, 13 December 2012 11:43
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: M. Strobel on Tue, 11 December 2012 16:26
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: Tony Marston on Wed, 12 December 2012 13:10
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: Christoph Becker on Wed, 12 December 2012 12:11
		Re: When is it possible for $_SERVER['SERVER_NAME'] to contain something other than the URL which actvated the script? By: Tony Marston on Wed, 12 December 2012 13:00

Previous Topic:	Recommendations for PHP Chart generation?
Next Topic:	Printing out or displaying for debugging

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Mon Nov 25 03:28:12 GMT 2024

Total time taken to generate the page: 0.04460 seconds