PHP_SELF

Ask about a PHP problem here.
Post Reply
User avatar
FrederickGeek8
Posts: 148
Joined: Wed Nov 30, 2011 10:31 pm

PHP_SELF

Post by FrederickGeek8 »

When I am using $_SERVER['PHP_SELF'] I am able to get things like http://website.com/foo.php/bar fine but I want to do something like http://website.com/bar , when really it is running through index.php and registering it with $_SERVER['PHP_SELF'] instead of looking for a directory.

Is this possible, and if so, how to I do it?
ExtremeGaming
Posts: 205
Joined: Mon Jul 09, 2012 11:13 pm

Re: PHP_SELF

Post by ExtremeGaming »

$_SERVER['PHP_SELF'] is a huge security risk, but that's not the point I guess. PHP_SELF looks for the file itself so it is not possible.
<?php while(!$succeed = try()); ?>
User avatar
FrederickGeek8
Posts: 148
Joined: Wed Nov 30, 2011 10:31 pm

Re: PHP_SELF

Post by FrederickGeek8 »

Correct me if I'm wrong but I think the way I am using it is not so much a security risk. I am not storing or really using it for any sensitive data I am just doings things like.
if($_SERVER['PHP_SELF'] === 'foo.php/device'){
// hard coded echo
echo 'I think you might be looking for the device section!';
}
I really don't see anyway that could be exploited
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: PHP_SELF

Post by jacek »

Yeah there is no security risk in using it like that. But based on what you are doing it might be better to look at mod_rewrite http://www.workingwith.me.uk/articles/s ... od_rewrite
Image
Post Reply