|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #80915 Taking a reference to $_SERVER hides it's values from phpinfo()
Submitted: 2021-03-29 17:25 UTC Modified: 2021-03-30 11:57 UTC
From: donatj at gmail dot com Assigned: cmb (profile)
Status: Closed Package: Scripting Engine problem
PHP Version: 8.0.3 OS: All
Private report: No CVE-ID: None
 [2021-03-29 17:25 UTC] donatj at gmail dot com
$_SERVER disappeared from our admin phpinfo page, after a bit of poking I figured 
out a middleware we're using takes a reference to $_SERVER.

It only reads, doesn't write to it at all - but it breaks phpinfo.

This can be seen in my given example code where simply:

$foo =& $_SERVER;

breaks phpinfo's variable output

Test script:

echo "---- Expected Output ----\n\n";


echo "\n\n---- Actual Broken Output ----\n\n";

$foo =& $_SERVER;


echo "\n\n---- Proof that \$_SERVER isn't broken ----\n\n";


Expected result:
(truncated to relevant output)


PHP Variables

Variable => Value
$_SERVER['TMPDIR'] => /var/folders/dr/cpm01_51333c1px2yzc8qr9xq1kth0/T/
$_SERVER['__CF_USER_TEXT_ENCODING'] => 0x6E196A00:0x0:0x0
$_SERVER['HOME'] => /Users/jdonat
$_SERVER['SHELL'] => /bin/zsh
$_SERVER['Apple_PubSub_Socket_Render'] => /private/tmp/
$_SERVER['SSH_AUTH_SOCK'] => /private/tmp/
$_SERVER['PATH'] => /usr/bin:/bin:/usr/sbin:/sbin
$_SERVER['LOGNAME'] => jdonat
$_SERVER['DISPLAY'] => /private/tmp/
$_SERVER['XPC_SERVICE_NAME'] => com.electron.standard-otter.146872
$_SERVER['USER'] => jdonat
$_SERVER['XPC_FLAGS'] => 0x0
$_SERVER['REQUEST_TIME_FLOAT'] => 1617038447.9799
$_SERVER['REQUEST_TIME'] => 1617038447
$_SERVER['argv'] => Array
    [0] => -

$_SERVER['argc'] => 1

Actual result:
(truncated to relevant output)


PHP Variables

Variable => Value


Add a Patch

Pull Requests

Pull requests:

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2021-03-29 17:40 UTC] ecegefef dot wfwfwg at fff dot gg
clap on the fingers for pointless use of references and than even for special handled magic vars
 [2021-03-29 17:50 UTC] donatj at gmail dot com
It's not an entirely pointless use of references, just mostly.

If $_SERVER should change after declaring an instance from globals you might want to inherit those changes
 [2021-03-29 18:11 UTC] rowan dot collins at gmail dot com
Simpler reproduction case:

 php -r '$foo =& $_SERVER; phpinfo(INFO_VARIABLES);'

This works as expected on 5.6, but fails on 7.0 - which makes sense, as the implementation of references was heavily changed in that version.
 [2021-03-29 19:02 UTC] rowan dot collins at gmail dot com
The following pull request has been associated:

Patch Name: Handle reference zvals when outputting superglobals in phpinfo()
On GitHub:
 [2021-03-30 11:57 UTC]
-Status: Open +Status: Closed -Assigned To: +Assigned To: cmb
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Tue May 11 09:01:24 2021 UTC