PHP :: Doc Bug #7611 :: setting of $HTTP_POST

Doc Bug #7611	setting of $HTTP_POST_VARS when no post was sent
Submitted:	2000-11-03 04:15 UTC	Modified:	2001-01-22 21:37 UTC
From:	tkruthoff at absolutebackgrounds dot com	Assigned:
Status:	Closed	Package:	Documentation problem
PHP Version:	4.0.3pl1	OS:	linux
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	tkruthoff at absolutebackgrounds dot com
New email:
PHP Version:		OS:

New Comment:

[2000-11-03 04:15 UTC] tkruthoff at absolutebackgrounds dot com

After upgrading to 4.0.3pl1 from 4.0.0 isset($HTTP_POST_VARS) returns TRUE even if no post data was sent IE GET, etc.  Is this intended?

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2000-11-03 08:27 UTC] zeev@php.net

Yes, it is intended (in order to prevent remote users from injecting information into HTTP_POST_VARS)

[2000-11-03 13:10 UTC] waldschrott@php.net

Has this change found its way to the docs? I?m not sure...

[2001-01-22 21:37 UTC] jimw@php.net

added a note to the docs.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue May 06 08:01:30 2025 UTC