Alternative to $_SERVER['PHP_SELF']

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
rhecker
Forum Contributor
Posts: 178
Joined: Fri Jul 11, 2008 5:49 pm

Alternative to $_SERVER['PHP_SELF']

Post by rhecker »

In my forms that post back to themselves, I am considering the following alternative to $_SERVER['PHP_SELF']. Does anyone see a security isse with this? I appreciate any thoughts:

basename(dirname(__FILE__))."/".basename(__FILE__);
User avatar
kaisellgren
DevNet Resident
Posts: 1675
Joined: Sat Jan 07, 2006 5:52 am
Location: Lahti, Finland.

Re: Alternative to $_SERVER['PHP_SELF']

Post by kaisellgren »

That is fine if it works for you. Good that you are not using PHP_SELF.
rhecker
Forum Contributor
Posts: 178
Joined: Fri Jul 11, 2008 5:49 pm

Re: Alternative to $_SERVER['PHP_SELF']

Post by rhecker »

Thanks Kai. You're opinion is valuable.
Post Reply