PHP :: Bug #58620 :: incorrect .htaccess values destroy Server-Arrays

Bug #58620	incorrect .htaccess values destroy Server-Arrays
Submitted:	2009-04-06 10:13 UTC	Modified:	2010-11-26 08:36 UTC
From:	andre dot huebner at gmx dot de	Assigned:	martynas (profile)
Status:	Not a bug	Package:	htscanner (PECL)
PHP Version:	5.2.8	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

[2009-04-06 10:13 UTC] andre dot huebner at gmx dot de

Description:
------------
htscanner is pretty rude to serverarrays if incorrect values in .htaccess are given.

for example small upload form for files with simple printing of Predefined servervariables at the end.

Reproduce code:
---------------
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
       "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>File-Upload</title>
</head>
<body>

<form action="post.php" method="post" enctype="multipart/form-data">
  <p>please choose a file:<br>
    <input name="myfilename" type="file" size="50" maxlength="100000" 
accept="text/*">
    <input type="submit" name="submit">
  </p>
</form>
<?
print_r($_POST);
print_r($_FILES);
?>
</body>
</html>

Expected result:
----------------
case1, correct .htaccess

php_value post_max_size 12M

shows:
Array ( [submit] => Anfrage senden ) Array ( [Datei] => Array ( [name] => filename.txt [type] => text/plain [tmp_name] => /tmp/phpjHXC9u [error] => 0 [size] => 68 ) ) 

Actual result:
--------------
incorrect .htaccess with small mistake (missing unit M)

php_value post_max_size 12

shows:

Array ( ) Array ( ) 


seems that small mistake in .htaccess destroys whole serverarray.
in my opinion htscanner should ignore not fitting settings.

regards,
andre

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2009-04-07 13:16 UTC] bhuisgen at hbis dot fr

This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.

[2009-05-12 03:14 UTC] andre dot huebner at gmx dot de

Is this already new Version? (0.9.1-dev ) Cant find any difference. htscanner still has problems with units.
In .htaccess:
php_value post_max_size 12M
Unit M is supported bei .htaccess and mod_php. But in htscanner it only works if complete Value 12582912 is used.

Thanks

[2010-11-21 19:52 UTC] martynas at venck dot us

Thanks for the report;  i was able to reproduce it on both, 
latest 5.2 and 5.3 branches.

I'll take a look at it tomorrow.

[2010-11-26 08:25 UTC] martynas at venck dot us

Sorry, this is not a bug.

Htscanner is not "rude" to server arrays;  setting post_max_size to 12 bytes is simply too small to hold the files you're submitting.

php_value post_max_size 12 is very valid;  and means what it says.

This is the expected behavior;  and it's identical to mod_php.

[2010-11-26 08:36 UTC] andre dot huebner at gmx dot de

ok, i see.
glad you had a look.

Thanks

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Dec 27 00:01:30 2024 UTC