PHP :: Bug #283 :: $REMOTE_USER lost in POST method

Bug #283	$REMOTE_USER lost in POST method
Submitted:	1998-04-17 13:14 UTC	Modified:	1998-09-22 10:47 UTC
From:	ungga at eve dot kaist dot ac dot kr	Assigned:
Status:	Closed	Package:	Other
PHP Version:	3.0 Release Candidate 3	OS:	SunOS 5.5.1
Private report:	No	CVE-ID:	None

View Developer Edit

[1998-04-17 13:14 UTC] ungga at eve dot kaist dot ac dot kr

I'm using apache1.3b5 and php3.0 at sunos5.5.1

Look at the following script(say "test.phtml").
    <form method=post action=show.phtml>
        New id=<input type=text size=20 name=newid>
    </form>
    <?php
         echo "<br>Your current is $REMOTE_USER<br>";
    ?>

and in show.phtml,
     <?php echo "oldid = $REMOTE_USER<br>"; 
           echo "newid = $newid<br>";
     ?>

test.html and show.phtml is located in the same directory
protected by user-authentification.

Load test.phtml, and enter new id(say "smith").
     Newid [         ]
     Your currnet id is SMITH
(SMITH is auth-user name)

then, show.phtml prints
     oldid =
     newid = smith

$REMOTE_USER is lost at post method.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[1998-09-22 10:47 UTC] zeev

The REMOTE_USER environment variable is not controlled
by PHP.  The most probable reason here is that the POST
method isn't password protected and only the GET is.

Waiting for user response.
---
It's safe to assume that there will be no user response
by now...

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Mon Mar 17 09:01:27 2025 UTC