PHP :: Bug #66090 :: echo function in a script tag problem

Bug #66090	echo function in a script tag problem
Submitted:	2013-11-13 14:18 UTC	Modified:	2013-11-13 14:30 UTC
From:	leesec dot com at gmail dot com	Assigned:
Status:	Not a bug	Package:	*General Issues
PHP Version:	Irrelevant	OS:	win 7
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	leesec dot com at gmail dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2013-11-13 14:18 UTC] leesec dot com at gmail dot com

Description:
------------
Test environment is as follows:
---------------------------------
PHP version:5.4.16
Apache version:2.4.4
Mysql version:5.6.12
---------------------------------



Test script:
---------------
Copy the following code:
-------------------------------------------------------------------------
<html>
<head>
	<title>Hello World</title>
	<meta http-equiv="Content-type" content="text/html;charset=utf-8" />
<script>

var a="<?php echo $_GET['name'] ?>";

</script>
</head>
<body>

</body>
</html>

-----------------------------------------------------------------
Save as test.php, then run http://localhost/test.php (no parameters)

The browser's source code leak path found

Then view browser's source code with the following code:
<script>

var a="<br />
<font size='1'><table class='xdebug-error xe-notice' dir='ltr' border='1' cellspacing='0' cellpadding='1'>
<tr><th align='left' bgcolor='#f57900' colspan="5"><span style='background-color: #cc0000; color: #fce94f; font-size: x-large;'>( ! )</span> Notice: Undefined index: name in E:\wamp\www\test.php on line <i>7</i></th></tr>
<tr><th align='left' bgcolor='#e9b96e' colspan='5'>Call Stack</th></tr>
<tr><th align='center' bgcolor='#eeeeec'>#</th><th align='left' bgcolor='#eeeeec'>Time</th><th align='left' bgcolor='#eeeeec'>Memory</th><th align='left' bgcolor='#eeeeec'>Function</th><th align='left' bgcolor='#eeeeec'>Location</th></tr>
<tr><td bgcolor='#eeeeec' align='center'>1</td><td bgcolor='#eeeeec' align='center'>0.0000</td><td bgcolor='#eeeeec' align='right'>139408</td><td bgcolor='#eeeeec'>{main}(  )</td><td title='E:\wamp\www\test.php' bgcolor='#eeeeec'>..\test.php<b>:</b>0</td></tr>
</table></font>
";

</script>

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2013-11-13 14:30 UTC] derick@php.net

-Status: Open +Status: Not a bug

[2013-11-13 14:30 UTC] derick@php.net

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

PHP is warning you about an undefined array element. This is exactly what should happen.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Mon May 27 03:01:30 2024 UTC