php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #58620 incorrect .htaccess values destroy Server-Arrays
Submitted: 2009-04-06 10:13 UTC Modified: 2010-11-26 08:36 UTC
From: andre dot huebner at gmx dot de Assigned: martynas (profile)
Status: Not a bug Package: htscanner (PECL)
PHP Version: 5.2.8 OS: Linux
Private report: No CVE-ID: None
 [2009-04-06 10:13 UTC] andre dot huebner at gmx dot de
Description:
------------
htscanner is pretty rude to serverarrays if incorrect values in .htaccess are given.

for example small upload form for files with simple printing of Predefined servervariables at the end.

Reproduce code:
---------------
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
       "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>File-Upload</title>
</head>
<body>

<form action="post.php" method="post" enctype="multipart/form-data">
  <p>please choose a file:<br>
    <input name="myfilename" type="file" size="50" maxlength="100000" 
accept="text/*">
    <input type="submit" name="submit">
  </p>
</form>
<?
print_r($_POST);
print_r($_FILES);
?>
</body>
</html>

Expected result:
----------------
case1, correct .htaccess

php_value post_max_size 12M

shows:
Array ( [submit] => Anfrage senden ) Array ( [Datei] => Array ( [name] => filename.txt [type] => text/plain [tmp_name] => /tmp/phpjHXC9u [error] => 0 [size] => 68 ) ) 

Actual result:
--------------
incorrect .htaccess with small mistake (missing unit M)

php_value post_max_size 12

shows:

Array ( ) Array ( ) 


seems that small mistake in .htaccess destroys whole serverarray.
in my opinion htscanner should ignore not fitting settings.

regards,
andre


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-04-07 13:16 UTC] bhuisgen at hbis dot fr
This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.


 [2009-05-12 03:14 UTC] andre dot huebner at gmx dot de
Is this already new Version? (0.9.1-dev ) Cant find any difference. htscanner still has problems with units.
In .htaccess:
php_value post_max_size 12M
Unit M is supported bei .htaccess and mod_php. But in htscanner it only works if complete Value 12582912 is used.

Thanks
 [2010-11-21 19:52 UTC] martynas at venck dot us
Thanks for the report;  i was able to reproduce it on both, 
latest 5.2 and 5.3 branches.

I'll take a look at it tomorrow.
 [2010-11-26 08:25 UTC] martynas at venck dot us
Sorry, this is not a bug.

Htscanner is not "rude" to server arrays;  setting post_max_size to 12 bytes is simply too small to hold the files you're submitting.

php_value post_max_size 12 is very valid;  and means what it says.

This is the expected behavior;  and it's identical to mod_php.
 [2010-11-26 08:36 UTC] andre dot huebner at gmx dot de
ok, i see.
glad you had a look.

Thanks
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sun May 16 00:01:24 2021 UTC