php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #33927 $_GET[] or $_POST[]: irrelevant
Submitted: 2005-07-30 02:33 UTC Modified: 2005-07-30 15:11 UTC
From: johny at mysteri dot lu Assigned:
Status: Not a bug Package: Variables related
PHP Version: 4.3.11 OS: Linux Debian
Private report: No CVE-ID: None
 [2005-07-30 02:33 UTC] johny at mysteri dot lu
Description:
------------
I saw it, while coding a form. I put into the form an input, type hidden, with name "func and value "editmember". Then, in the file where the posted data should be read, I made a mistake, I put $_GET['func'], but it still recognoized it, also when it was send by POST (yes I'm sute that the form has POST as method).

Normally, it should only recognoize it when I write $_POST['func'].

Here's the configure line of the PHP installed on the used server:
 Command 	 '../configure' '--prefix=/usr' '--with-apxs2=/usr/bin/apxs2' '--with-config-file-path=/etc/php4/apache2' '--enable-memory-limit' '--disable-debug' '--with-regex=php' '--disable-rpath' '--disable-static' '--with-pic' '--with-layout=GNU' '--with-pear=/usr/share/php' '--enable-calendar' '--enable-sysvsem' '--enable-sysvshm' '--enable-sysvmsg' '--enable-track-vars' '--enable-trans-sid' '--enable-bcmath' '--with-bz2' '--enable-ctype' '--with-db4' '--with-iconv' '--enable-exif' '--enable-filepro' '--enable-ftp' '--with-gettext' '--enable-mbstring' '--with-pcre-regex=/usr' '--enable-shmop' '--enable-sockets' '--enable-wddx' '--disable-xml' '--with-expat-dir=/usr' '--with-xmlrpc' '--enable-yp' '--with-zlib' '--without-pgsql' '--with-kerberos=/usr' '--with-openssl=/usr' '--with-zip=/usr' '--enable-dbx' '--with-mime-magic=/usr/share/misc/file/magic.mime' '--with-exec-dir=/usr/lib/php4/libexec' '--without-mm' '--without-mysql' '--without-sybase-ct'

Reproduce code:
---------------
<?
if ($_GET['func']) {
echo "PHP Result";
} else {
echo "<form method=\"POST\" action=\"file.php\">
<input type=\"hidden\" name=\"func\" value=\"editmember\">
<input type=\"submit\" value=\"Submit\">
</form>";
};
?>

Expected result:
----------------
Normally, pushing the Button "Submit", the Form should be displayed once more.

Actual result:
--------------
PHP Result

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-07-30 15:11 UTC] sniper@php.net
Can not reproduce with either PHP 4.4.0 or PHP 5.1-dev.

 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Dec 02 14:01:29 2024 UTC