PHP :: Bug #8123 :: PHP script extension Problem

Bug #8123	PHP script extension Problem
Submitted:	2000-12-05 11:35 UTC	Modified:	2000-12-07 19:30 UTC
From:	younggon at hotmail dot com	Assigned:
Status:	Closed	Package:	Unknown/Other Function
PHP Version:	4.0.3pl1	OS:	All
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	younggon at hotmail dot com
New email:
PHP Version:		OS:

New Comment:

[2000-12-05 11:35 UTC] younggon at hotmail dot com

PHP script extension Problem

Vulnerable : Under PHP 4.0.3pl1


httpd.conf 
=======================================================
AddType application/x-httpd-php .php
=======================================================

=======================================================
cat > "phpbug1.php" << __EOF__
<?   phpinfo(); ?>
__EOF__
=======================================================

Generally, Apache refers to httpd.conf and recognizes 
the extension of "phpbug1.php" as an extension of PHP 
script.

=======================================================
cat > "phpbug2.php " << __EOF__
<? phpinfo(); ?>
__EOF__
=======================================================

In case of "phpbug2.php " script, it is treated as text
strings since it is recognized as "phpbug2.php%20".


*** Problem
=======================================================
cat > "phpbug3.php." << __EOF__
<? phpinfo(); ?>
__EOF__
=======================================================
cat > "phpbug4.php......." << __EOF__
<? phpinfo(); ?>
__EOF__
=======================================================

"phpbug3.php." has to be treated as normal text strings
since it's got no extension.

However, PHP engine recognizes "phpbug3.php." as a PHP 
script and excutes it. PHP engine executes 
"phpbug4.php......." as a php script too.


=========================================================
By: Young Gon Kim <younggon@hotmail.com> 12/5/2000
http://www.khdp.org/
http://drill.hackerslab.org/~piranha/
=========================================================

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2000-12-07 19:30 UTC] jason@php.net

This is a webserver issue, not a php issue

-Jason

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sun Dec 22 05:01:30 2024 UTC