PHP :: Bug #78663 :: Side effects with _SERVER var

Bug #78663	Side effects with _SERVER var _SERVER['root']
Submitted:	2019-10-11 17:36 UTC	Modified:	2019-10-11 17:51 UTC
From:	flobee at gmail dot com	Assigned:
Status:	Not a bug	Package:	*General Issues
PHP Version:	7.3.10	OS:	Deb10/ Sury's php packages
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	flobee at gmail dot com
New email:
PHP Version:		OS:

New Comment:

[2019-10-11 17:36 UTC] flobee at gmail dot com

Description:
------------
Hey

Some side effects i dont understand to address to but i can confirm the following:
Running as 'root' | 'user'
var_dump( in_array( 'root', $_SERVER ) ); // true | false
var_dump( isset( $_SERVER['root'] ) ); // false | false
var_dump( array_key_exists( 'root', $_SERVER ) ); // false | false

hmm.
So, my break point 'in_array( 'root', $_SERVER ) ? exit(1)..' works. To be save not running scripts under root, but:
I miss a documentation/suggestion or is this a bug?



Test script:
---------------
# Running as 'root' | 'user'
var_dump( in_array( 'root', $_SERVER ) ); // true | false
var_dump( isset( $_SERVER['root'] ) ); // false | false
var_dump( array_key_exists( 'root', $_SERVER ) ); // false | false

Expected result:
----------------
depends on implementation/ documentation.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2019-10-11 17:37 UTC] flobee at gmail dot com

- PHP 7.3.10-1+0~20191008.45+debian10~1.gbp365209 (cli) (built: Oct  8 2019 05:49:09) ( NTS )
- Linux 4.19.0-6-amd64 # 1 SMP Debian 4.19.67-2+deb10u1 (2019-09-20) x86_64 GNU/Linux

[2019-10-11 17:38 UTC] requinix@php.net

-Status: Open +Status: Not a bug

[2019-10-11 17:38 UTC] requinix@php.net

in_array() looks at array *values*, not keys.

[2019-10-11 17:51 UTC] flobee at gmail dot com

ahh stupid me! thx! 
ok, the third party tool seems to change the server vars. Thank you! 

Please close/ drop it! :-)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Apr 20 01:01:28 2024 UTC