|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #33638 /phpweb/include/ -- revert revision 1.254
Submitted: 2005-07-11 02:12 UTC Modified: 2005-09-19 14:10 UTC
From: rajesh at meetrajesh dot com Assigned:
Status: Wont fix Package: Website problem
PHP Version: Irrelevant OS: Linux
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2005-07-11 02:12 UTC] rajesh at meetrajesh dot com
$_SERVER['SERVER_NAME'] and $_SERVER['HTTP_HOST'] are NOT the same if the webpage is being served on a non-standard port.

I rsync the PHP manual and run the manual on http://localhost:9000/. $_SERVER['SERVER_NAME'] redirects the page back to http://localhost/ and all images are called from http://localhost instead of http://localhost:9000/ due to the use of $_SERVER['SERVER_NAME']. Using $_SERVER['HTTP_HOST'] corrects this problem.

Reproduce code:
Line 188 in /phpweb/includes/

-    $MYSITE = 'http://' . preg_replace("!^www\\.!", "", $_SERVER["SERVER_NAME"]) . '/';
+    $MYSITE = 'http://' . preg_replace("!^www\\.!", "", $_SERVER["HTTP_HOST"]) . '/';


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2005-09-19 14:10 UTC]
You're not hosting any official mirror, so no, this will not be reverted (it's a XSS hole!).

PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Jul 22 09:01:28 2024 UTC