|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #41793 SCRIPT_NAME breaks when a slash follows filename.php in URL
Submitted: 2007-06-24 21:30 UTC Modified: 2007-07-02 01:00 UTC
Avg. Score:4.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:0 (0.0%)
Same OS:0 (0.0%)
From: chris at w3style dot co dot uk Assigned:
Status: No Feedback Package: CGI/CLI related
PHP Version: 5.2.3 OS: Mac OS X
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please — but make sure to vote on the bug!
Your email address:
Solve the problem:
43 + 47 = ?
Subscribe to this entry?

 [2007-06-24 21:30 UTC] chris at w3style dot co dot uk
When comparing the values held in $_SERVER['SCRIPT_NAME'] in CGI and 
SAPI in PHP 5.2.3, there's an obvious bug in the CGI version.

It works fine when the .php is the end of the URL, but in the case you 
use a URL like the following it breaks:

Without the slash:

[SCRIPT_NAME] => /~d11wtq/Router/demo.php

With the slash:

[SCRIPT_NAME] => tq/Sites/Router/demo.php

This is probably because PHP is trying to truncate the wrong 
environment variable when producing the string.  The path on disk is:


You'll notice that the length of the incorrect string is actually the 
same as the length of the correct string, which is why I make this 

I have found the following PHP code offers a suitable workaround until 
this bug is fixed:


if (isset($_SERVER["SCRIPT_NAME"]))
  if (isset($_SERVER["ORIG_PATH_INFO"]))
    $len = strlen($_SERVER["SCRIPT_NAME"]);
    if (($tmp = substr($_SERVER["ORIG_PATH_INFO"], 0, $len)) != 
      $_SERVER["SCRIPT_NAME"] = $tmp;


Reproduce code:
Not needed, the description explains it nicely :)

Expected result:
$_SERVER["SCRIPT_NAME"] should contain the virtual path to the file in 
both cases.  This should be:


Actual result:
SCRIPT_NAME contains a bogus string when run under CGI, but only if 
there's a slash after the .php suffix.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2007-06-24 22:25 UTC]
Please try using this CVS snapshot:
For Windows (zip):

For Windows (installer):

I think something like this was fixed last week.
 [2007-07-02 01:00 UTC] php-bugs at lists dot php dot net
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 [2010-01-25 17:01 UTC] fabio dot sussetto at gmail dot com
I get the same bug on a server with Linux, PHP Version 5.2.5, Server API 	
CGI/FastCGI . The problem arises when there is a slash after the *.php 
part of the file name.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Apr 22 04:01:31 2024 UTC