PHP :: Bug #33638 :: /phpweb/include/site.inc -- revert revision 1.254

Bug #33638	/phpweb/include/site.inc -- revert revision 1.254
Submitted:	2005-07-11 02:12 UTC	Modified:	2005-09-19 14:10 UTC
From:	rajesh at meetrajesh dot com	Assigned:
Status:	Wont fix	Package:	Website problem
PHP Version:	Irrelevant	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

[2005-07-11 02:12 UTC] rajesh at meetrajesh dot com

Description:
------------
$_SERVER['SERVER_NAME'] and $_SERVER['HTTP_HOST'] are NOT the same if the webpage is being served on a non-standard port.

I rsync the PHP manual and run the manual on http://localhost:9000/. $_SERVER['SERVER_NAME'] redirects the page back to http://localhost/ and all images are called from http://localhost instead of http://localhost:9000/ due to the use of $_SERVER['SERVER_NAME']. Using $_SERVER['HTTP_HOST'] corrects this problem.

Reproduce code:
---------------
Line 188 in /phpweb/includes/site.inc:

-    $MYSITE = 'http://' . preg_replace("!^www\\.!", "", $_SERVER["SERVER_NAME"]) . '/';
+    $MYSITE = 'http://' . preg_replace("!^www\\.!", "", $_SERVER["HTTP_HOST"]) . '/';

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-09-19 14:10 UTC] sniper@php.net

You're not hosting any official mirror, so no, this will not be reverted (it's a XSS hole!).

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 17:01:58 2024 UTC