a question about $_SERVER['PHP_SELF']
Moderator: General Moderators
-
mayanktalwar1988
- Forum Contributor
- Posts: 133
- Joined: Wed Jul 08, 2009 2:44 am
a question about $_SERVER['PHP_SELF']
hey if the curent executing script url of mine is like this localhost/pro/topic.php?id=2
and if i used $_SERVER['PHP_SELF] in the same script
in one of statements like this
echo " <a class=\"pagination\" href='{$_SERVER['PHP_SELF']}?pagenum=$next&id=$id'>'>Next -></a> ";
then the link followed by the above statement will be like this localhost/pro/topic.php?pagenum=1&id=2
or it will be like this localhost/pro/topic.php?id=2pagenum=1&id=2 which i dont want?
and if i used $_SERVER['PHP_SELF] in the same script
in one of statements like this
echo " <a class=\"pagination\" href='{$_SERVER['PHP_SELF']}?pagenum=$next&id=$id'>'>Next -></a> ";
then the link followed by the above statement will be like this localhost/pro/topic.php?pagenum=1&id=2
or it will be like this localhost/pro/topic.php?id=2pagenum=1&id=2 which i dont want?
Re: a question about $_SERVER['PHP_SELF']
Have you tried it to see what happens?
Re: a question about $_SERVER['PHP_SELF']
+1tasairis wrote:Have you tried it to see what happens?
-
mayanktalwar1988
- Forum Contributor
- Posts: 133
- Joined: Wed Jul 08, 2009 2:44 am
Re: a question about $_SERVER['PHP_SELF']
i knew you gonna ask me this question..and answer is nooo......if i have treid that then i havnt asked this question 
Re: a question about $_SERVER['PHP_SELF']
I think this is the point they were trying to makeif i have tried that then i havnt asked this question
Re: a question about $_SERVER['PHP_SELF']
Try it then numpty.mayanktalwar1988 wrote:i knew you gonna ask me this question..and answer is nooo......if i have treid that then i havnt asked this question
-
mayanktalwar1988
- Forum Contributor
- Posts: 133
- Joined: Wed Jul 08, 2009 2:44 am
Re: a question about $_SERVER['PHP_SELF']
numpty .great....... i am gona try it tommorow just trying to add pagination to my already existing script.
Re: a question about $_SERVER['PHP_SELF']
Lol. Sorry.
But honestly, why didn't you just try it yourself? It probably takes longer to post than it would to just make a test script...
But honestly, why didn't you just try it yourself? It probably takes longer to post than it would to just make a test script...
Re: a question about $_SERVER['PHP_SELF']
FYI - That echo is open to xss like REQUEST_URI. As I found out by playing with it a few weeks ago so don't forget to filter it before echoing it out.
-
mayanktalwar1988
- Forum Contributor
- Posts: 133
- Joined: Wed Jul 08, 2009 2:44 am
Re: a question about $_SERVER['PHP_SELF']
hey u the person who called me numpty..i am not numpty (i am a little numpty)
i m lazy
here your anwser
/pro/topic.php
by the way i love this forum...
i m lazy
here your anwser
/pro/topic.php
by the way i love this forum...
Re: a question about $_SERVER['PHP_SELF']
So is PHP_SELF. Stuff after a slash after the extension is considered as part of PHP_SELF.Eric! wrote:FYI - That echo is open to xss like REQUEST_URI. As I found out by playing with it a few weeks ago so don't forget to filter it before echoing it out.
So say you had "blah.php" which contained
Code: Select all
echo $_SERVER['PHP_SELF'];you can inject javascript etc...as well.http://....com/blah.php/<script>alert('XSS');</script>
Think about it - if everyone asked everything like that here instead of trying it themselves...how ridiculous would this forum become? And I did apologisehey u the person who called me numpty..i am not numpty (i am a little numpty)
i m lazy