php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #283 $REMOTE_USER lost in POST method
Submitted: 1998-04-17 13:14 UTC Modified: 1998-09-22 10:47 UTC
From: ungga at eve dot kaist dot ac dot kr Assigned:
Status: Closed Package: Other
PHP Version: 3.0 Release Candidate 3 OS: SunOS 5.5.1
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: ungga at eve dot kaist dot ac dot kr
New email:
PHP Version: OS:

 

 [1998-04-17 13:14 UTC] ungga at eve dot kaist dot ac dot kr
I'm using apache1.3b5 and php3.0 at sunos5.5.1

Look at the following script(say "test.phtml").
    <form method=post action=show.phtml>
        New id=<input type=text size=20 name=newid>
    </form>
    <?php
         echo "<br>Your current is $REMOTE_USER<br>";
    ?>

and in show.phtml,
     <?php echo "oldid = $REMOTE_USER<br>"; 
           echo "newid = $newid<br>";
     ?>

test.html and show.phtml is located in the same directory
protected by user-authentification.

Load test.phtml, and enter new id(say "smith").
     Newid [         ]
     Your currnet id is SMITH
(SMITH is auth-user name)

then, show.phtml prints
     oldid =
     newid = smith

$REMOTE_USER is lost at post method.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [1998-09-22 10:47 UTC] zeev
The REMOTE_USER environment variable is not controlled
by PHP.  The most probable reason here is that the POST
method isn't password protected and only the GET is.

Waiting for user response.
---
It's safe to assume that there will be no user response
by now...
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Tue Oct 08 07:01:27 2024 UTC