PHP :: Bug #23595 :: File upload problems with arrays in HTML INPUT tags and register variables

Bug #23595

File upload problems with arrays in HTML INPUT tags and register variables

Submitted:

2003-05-12 12:38 UTC

Modified:

2003-05-23 03:19 UTC

Votes:	3
Avg. Score:	4.3 ± 0.9
Reproduced:	3 of 3 (100.0%)
Same Version:	3 (100.0%)
Same OS:	2 (66.7%)

From:

shb at widearea dot co dot uk

Assigned:

Status:

Wont fix

Package:

Variables related

PHP Version:

4.3.2RC3

OS:

Linux and Solaris

Private report:

CVE-ID:

None

View Developer Edit

[2003-05-12 12:38 UTC] shb at widearea dot co dot uk

Assuming you have register variables enabled.

With 4.3.1, when you post from this HTML

<HTML>
<BODY><H1>filename and extra</H1>
<FORM METHOD="POST" ACTION="test.php" ENCTYPE="multipart/form-data">
<INPUT TYPE="FILE" NAME="fields[filename]">
<INPUT TYPE="HIDDEN" NAME="fields[extra]" VALUE="fred">
<INPUT TYPE="SUBMIT">
</FORM>
</BODY>
</HTML>

to this:

<?php
var_dump($fields) ;
?>

you get this:

array(1) { ["extra"]=>  string(4) "fred" }

If you use this HTML:

<HTML>
<BODY><H1>filename </H1>
<FORM METHOD="POST" ACTION="test.php" ENCTYPE="multipart/form-data">
<INPUT TYPE="FILE" NAME="fields[filename]">
<INPUT TYPE="SUBMIT">
</FORM>
</BODY>
</HTML>

you get this:

array(1) { ["filename"]=>  string(14) "/tmp/phpSsMqed" } 

If you use the first file on PHP 4.2.3 you get the response which we believe is correct which is:

array(2) { ["filename"]=>  string(18) "/var/tmp/php7xaWYL" ["extra"]=>  string(4) "fred" }

The bug occurs on both our Linux RH 8.0 and Solaris 7/8 systems.  We have not tried 4.3.2 pre-releases -- it has taken us long enough to find the problem!

There are similar bug reports on old versions but we think that the transition from 4.2.3 to 4.3.1 has changed something.

Regards,
Simon.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2003-05-22 17:50 UTC] sniper@php.net

This is due to fixing some other bug and for the compromise
between having either that not fixed or this. 

It's much safer and recommended that you use the $_FILES and $_POST variables always anyway.

[2003-05-23 03:19 UTC] shb at widearea dot co dot uk

We all know that things could be changed and as systems 
are updated they are changed.  However, we are 
presented with thousands lines of code written for 
register globals.  

We cannot update to the 4.3.* series as long as this 
bug exists and we are not the only ones effected.

If you could give a hint where the bug is, I will look 
at it.  After all this is a piece of code which worked 
in version < 4.3.1

Simon.

[2011-04-07 21:34 UTC] zalim_gulum_01 at hotmail dot com

<HTML><HEAD>
<META content="text/html; charset=iso-8859-9" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.19019"></HEAD>
<BODY><BR><BR><BR><BR><BR><BR><BR><BR>
<H1 style="TEXT-ALIGN: center; FONT-FAMILY: Verdana; COLOR: red">BU SİTEYE ERİŞİM HACKED BY İBO // 1923TÜRK-GRUP KARARIYLA ENGELLENMİŞTİR. </H1>
<DIV style="TEXT-ALIGN: center"></DIV></BODY></HTML>

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 11:01:30 2024 UTC