PHP :: Bug #19762 :: POST action leads to $ variable containing 'dataenteredvariable=datayouentered'

Bug #19762

POST action leads to $ variable containing 'dataenteredvariable=datayouentered'

Submitted:

2002-10-04 17:36 UTC

Modified:

2002-10-05 03:09 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	0 of 0 (0.0%)

From:

fmartens at zwintranet dot nl

Assigned:

Status:

Closed

Package:

Apache2 related

PHP Version:

4CVS-2002-10-04

OS:

linux (rh6.2)

Private report:

CVE-ID:

None

View Add Comment Developer Edit

[2002-10-04 17:36 UTC] fmartens at zwintranet dot nl

When you have a form that uses POST as it's action. The value of the variable in which you store the data is as follows:

let "avar" be the variable
let "johndoe" be the text entered
 
you end up with $_POST[avar]="johndoeavar=johndoe"

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-10-04 17:42 UTC] fmartens at zwintranet dot nl

using apache 2.0.43. this bug was also filed as 18648, but it was closed as 'no feedback'. the problem does still exist here.

apache compiled with:
./configure --with-ssl=/usr/local/ssl --enable-so --enable-mods-shared="proxy proxy_connect proxy_http status autoindex asis cgi dir alias rewrite" --with-apxs --enable-ssl

php compiled with:
./configure --prefix=/usr/local/apache2/php --with-apxs2=/usr/local/apache2/bin/apxs --with-openssl=/usr/local/ssl --with-mysql

[2002-10-04 18:17 UTC] iliaa@php.net

Not enough information was provided for us to be able
to handle this bug. Please re-read the instructions at
http://bugs.php.net/how-to-report.php

If you can provide more information, feel free to add it
to this bug and change the status back to "Open".

Thank you for your interest in PHP.


Given the provided info I am unable to replicate this bug.

[2002-10-05 02:47 UTC] fmartens at zwintranet dot nl

let the web server be apache 2.0.43
let the php be 4CVS-2002-10-04
let there be a web form, submitted via POST, with only 1 field.

the contents of the variable of that one field get mangled.
if the name of the field is 'youraddress'
and you enter '14 bogusstreet'
the contents of $_POST[youraddress] become:
'14 bogusstreetyouraddress=14 bogusstreet'

[2002-10-05 03:02 UTC] sander@php.net

Weird... looking at the other bugreports about this, this might be a configuration issue. Are you using the Input- and OutputFilter directives? You shouldn't. You only need the LoadModule line and one or more AddType lines.

[2002-10-05 03:09 UTC] fmartens at zwintranet dot nl

as sander at php dot net suggested. this is the case, i was using the in/out filter in the apache config.

it wouldn't work without them in the previous version, but now it works al fine. thanks

[2003-03-17 11:31 UTC] php at luizfelipe dot eng dot br

You must use either use Input/Output filter or AddType, but not both. If so the problem happens!

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Apr 20 14:01:29 2024 UTC