php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #23595 File upload problems with arrays in HTML INPUT tags and register variables
Submitted: 2003-05-12 12:38 UTC Modified: 2003-05-23 03:19 UTC
Votes:3
Avg. Score:4.3 ± 0.9
Reproduced:3 of 3 (100.0%)
Same Version:3 (100.0%)
Same OS:2 (66.7%)
From: shb at widearea dot co dot uk Assigned:
Status: Wont fix Package: Variables related
PHP Version: 4.3.2RC3 OS: Linux and Solaris
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2003-05-12 12:38 UTC] shb at widearea dot co dot uk
Assuming you have register variables enabled.

With 4.3.1, when you post from this HTML

<HTML>
<BODY><H1>filename and extra</H1>
<FORM METHOD="POST" ACTION="test.php" ENCTYPE="multipart/form-data">
<INPUT TYPE="FILE" NAME="fields[filename]">
<INPUT TYPE="HIDDEN" NAME="fields[extra]" VALUE="fred">
<INPUT TYPE="SUBMIT">
</FORM>
</BODY>
</HTML>

to this:

<?php
var_dump($fields) ;
?>

you get this:

array(1) { ["extra"]=>  string(4) "fred" }

If you use this HTML:

<HTML>
<BODY><H1>filename </H1>
<FORM METHOD="POST" ACTION="test.php" ENCTYPE="multipart/form-data">
<INPUT TYPE="FILE" NAME="fields[filename]">
<INPUT TYPE="SUBMIT">
</FORM>
</BODY>
</HTML>

you get this:

array(1) { ["filename"]=>  string(14) "/tmp/phpSsMqed" } 

If you use the first file on PHP 4.2.3 you get the response which we believe is correct which is:

array(2) { ["filename"]=>  string(18) "/var/tmp/php7xaWYL" ["extra"]=>  string(4) "fred" }

The bug occurs on both our Linux RH 8.0 and Solaris 7/8 systems.  We have not tried 4.3.2 pre-releases -- it has taken us long enough to find the problem!

There are similar bug reports on old versions but we think that the transition from 4.2.3 to 4.3.1 has changed something.

Regards,
Simon.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2003-05-22 17:50 UTC] sniper@php.net
This is due to fixing some other bug and for the compromise
between having either that not fixed or this. 

It's much safer and recommended that you use the $_FILES and $_POST variables always anyway.


 [2003-05-23 03:19 UTC] shb at widearea dot co dot uk
We all know that things could be changed and as systems 
are updated they are changed.  However, we are 
presented with thousands lines of code written for 
register globals.  

We cannot update to the 4.3.* series as long as this 
bug exists and we are not the only ones effected.

If you could give a hint where the bug is, I will look 
at it.  After all this is a piece of code which worked 
in version < 4.3.1

Simon.
 [2011-04-07 21:34 UTC] zalim_gulum_01 at hotmail dot com
<HTML><HEAD>
<META content="text/html; charset=iso-8859-9" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.19019"></HEAD>
<BODY><BR><BR><BR><BR><BR><BR><BR><BR>
<H1 style="TEXT-ALIGN: center; FONT-FAMILY: Verdana; COLOR: red">BU SİTEYE ERİŞİM HACKED BY İBO // 1923TÜRK-GRUP KARARIYLA ENGELLENMİŞTİR. </H1>
<DIV style="TEXT-ALIGN: center"></DIV></BODY></HTML>
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sat Sep 25 21:03:35 2021 UTC