|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #33638 /phpweb/include/ -- revert revision 1.254
Submitted: 2005-07-11 02:12 UTC Modified: 2005-09-19 14:10 UTC
From: rajesh at meetrajesh dot com Assigned:
Status: Wont fix Package: Website problem
PHP Version: Irrelevant OS: Linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Bug Type:
From: rajesh at meetrajesh dot com
New email:
PHP Version: OS:


 [2005-07-11 02:12 UTC] rajesh at meetrajesh dot com
$_SERVER['SERVER_NAME'] and $_SERVER['HTTP_HOST'] are NOT the same if the webpage is being served on a non-standard port.

I rsync the PHP manual and run the manual on http://localhost:9000/. $_SERVER['SERVER_NAME'] redirects the page back to http://localhost/ and all images are called from http://localhost instead of http://localhost:9000/ due to the use of $_SERVER['SERVER_NAME']. Using $_SERVER['HTTP_HOST'] corrects this problem.

Reproduce code:
Line 188 in /phpweb/includes/

-    $MYSITE = 'http://' . preg_replace("!^www\\.!", "", $_SERVER["SERVER_NAME"]) . '/';
+    $MYSITE = 'http://' . preg_replace("!^www\\.!", "", $_SERVER["HTTP_HOST"]) . '/';


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2005-09-19 14:10 UTC]
You're not hosting any official mirror, so no, this will not be reverted (it's a XSS hole!).

PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Jul 20 03:02:00 2024 UTC