Page 1 of 1

PHP_SELF

Posted: Thu Nov 22, 2012 1:04 am
by FrederickGeek8
When I am using $_SERVER['PHP_SELF'] I am able to get things like http://website.com/foo.php/bar fine but I want to do something like http://website.com/bar , when really it is running through index.php and registering it with $_SERVER['PHP_SELF'] instead of looking for a directory.

Is this possible, and if so, how to I do it?

Re: PHP_SELF

Posted: Thu Nov 22, 2012 2:07 am
by ExtremeGaming
$_SERVER['PHP_SELF'] is a huge security risk, but that's not the point I guess. PHP_SELF looks for the file itself so it is not possible.

Re: PHP_SELF

Posted: Fri Nov 23, 2012 12:53 am
by FrederickGeek8
Correct me if I'm wrong but I think the way I am using it is not so much a security risk. I am not storing or really using it for any sensitive data I am just doings things like.
[syntax=php]
if($_SERVER['PHP_SELF'] === 'foo.php/device'){
// hard coded echo
echo 'I think you might be looking for the device section!';
}[/syntax]
I really don't see anyway that could be exploited

Re: PHP_SELF

Posted: Sun Nov 25, 2012 1:43 am
by jacek
Yeah there is no security risk in using it like that. But based on what you are doing it might be better to look at mod_rewrite http://www.workingwith.me.uk/articles/s ... od_rewrite