|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #283 $REMOTE_USER lost in POST method
Submitted: 1998-04-17 13:14 UTC Modified: 1998-09-22 10:47 UTC
From: ungga at eve dot kaist dot ac dot kr Assigned:
Status: Closed Package: Other
PHP Version: 3.0 Release Candidate 3 OS: SunOS 5.5.1
Private report: No CVE-ID: None
 [1998-04-17 13:14 UTC] ungga at eve dot kaist dot ac dot kr
I'm using apache1.3b5 and php3.0 at sunos5.5.1

Look at the following script(say "test.phtml").
    <form method=post action=show.phtml>
        New id=<input type=text size=20 name=newid>
         echo "<br>Your current is $REMOTE_USER<br>";

and in show.phtml,
     <?php echo "oldid = $REMOTE_USER<br>"; 
           echo "newid = $newid<br>";

test.html and show.phtml is located in the same directory
protected by user-authentification.

Load test.phtml, and enter new id(say "smith").
     Newid [         ]
     Your currnet id is SMITH
(SMITH is auth-user name)

then, show.phtml prints
     oldid =
     newid = smith

$REMOTE_USER is lost at post method.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [1998-09-22 10:47 UTC] zeev
The REMOTE_USER environment variable is not controlled
by PHP.  The most probable reason here is that the POST
method isn't password protected and only the GET is.

Waiting for user response.
It's safe to assume that there will be no user response
by now...
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Fri Jul 19 09:01:28 2024 UTC