Where are my $_SERVER variables?
Moderator: General Moderators
Where are my $_SERVER variables?
Hi,
I've written lots of PHP scripts on a server managed by a 3rd party and now I'm switching to my own server. I installed PHP on Apache Tomcat and it works fine - except that when I ask for $_SERVER variables, they are all blank!
Do I have to set them up in the server? Where? How?
Thanks For Your Help,
RR
ps - i checked pretty much every one and even $_SERVER['PHP_SELF'] doesn't work
I've written lots of PHP scripts on a server managed by a 3rd party and now I'm switching to my own server. I installed PHP on Apache Tomcat and it works fine - except that when I ask for $_SERVER variables, they are all blank!
Do I have to set them up in the server? Where? How?
Thanks For Your Help,
RR
ps - i checked pretty much every one and even $_SERVER['PHP_SELF'] doesn't work
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
I think this has to do with the server settings. It has been spoken about quite often recently that reliance on Server Variables is at best a shot in the dark. Not only that, but it is insecure as well. You may want to look into alternative ways to achieve what you want out of your server variables.
Re: Where are my $_SERVER variables?
Try this:rsouthon wrote:ps - i checked pretty much every one and even $_SERVER['PHP_SELF'] doesn't work
Code: Select all
<?php
print_r($_SERVER);
?>How do I set up the server variables?
I tried Oren's test and got this:
Array ( [argv] => Array ( ) [argc] => 0 )
I assume that means there are no server variables defined? So where and how do I set them?
If they are a true security threat, how should I be defining things like a variable that gives me the current page or the server root? I really don't know how I woulda have built my previous PHP applications with out them! It would have been messy. WHICH variables are a security threat? Maybe I can just set up the ones I want to use instead of all of them?
Thanks your help so far!
Array ( [argv] => Array ( ) [argc] => 0 )
I assume that means there are no server variables defined? So where and how do I set them?
If they are a true security threat, how should I be defining things like a variable that gives me the current page or the server root? I really don't know how I woulda have built my previous PHP applications with out them! It would have been messy. WHICH variables are a security threat? Maybe I can just set up the ones I want to use instead of all of them?
Thanks your help so far!
- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
Looking arounf the file system section of the manual gives good insight into how a developer would achieve what you want to achieve without the use of server variables. pathinfo(), basename() and dirname() come to mind.
Forget Server Variables
You're right! It seems like I can get most of the info I want out of file system functions. Other than that, I just use my own session variables. Thx!Everah wrote:Looking arounf the file system section of the manual gives good insight into how a developer would achieve what you want to achieve without the use of server variables. pathinfo(), basename() and dirname() come to mind.
RR
Another way to get current page without server var
This is actually all i needed:
echo $PHP_SELF;
echo $PHP_SELF;
What The Ninja Space Goat was trying to say: Don't use it.The Ninja Space Goat wrote:PHP_SELF can contain user input, so be careful with it.
Try this instead:
Code: Select all
$self = basename(__FILE__);- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
Re: Another way to get current page without server var
$PHP_SELF also requires register_globals to be on. That is insane.rsouthon wrote:This is actually all i needed:
echo $PHP_SELF;
Do this instead:
Code: Select all
<?php
// If this is in the calling page
$file = basename(__FILE__);
// Or, if calling from outside the file, like an include
$file = basename($_SERVER['SCRIPT_FILENAME']);
?>- RobertGonzalez
- Site Administrator
- Posts: 14293
- Joined: Tue Sep 09, 2003 6:04 pm
- Location: Fremont, CA, USA
Popularity != sensibility. Just because all of the lazy developers that submit scripts to Hotscripts use it does not mean that the rest of use less lazy developers should.matthijs wrote:If you think about it. How many examples of form scripts do use echo PHP SELF? 90% of the scripts on hotscripts? 98% of the scripts in tutorials on how-to-build your own contact form?