From: ng4rrjanbiah at rediffmail dot com Operating system: PHP version: 5.2.1 PHP Bug Type: Feature/Change Request Bug description: get_project_env() to get current URI, accessing script...
Description: ------------ Why needed: There is no reliable mechanism in PHP to get the current executing script name. $_SERVER['SCRIPT_FILENAME'] and $_SERVER['argv'][0] are not reliable now; the variables are again prone to tampering (say for example, any including scripts could override these global vars for that file scope). Implementation of this function might also solve XSS issues. How this function has to be implemented: If the current accessed URI is 'http://example.com/foo_project/foobar.php?php=1&ajax=0' get_project_env() returns 'current_uri' => 'http://example.com/foo_project/foobar.php?php=1&ajax=0', 'current_accessing_script' => '/foo_project/foobar.php', 'current_file' => '/foo_project/foobar.php', //will be different if the file is included (__FILE__) 'current_include_depth' => 0 //will be different if it's included by the accessing script What urged me to post this request: I have the file architecture something like: <?php //foo.php include './config.php'; include './license_check.php'; //blah... the rest of the proprietary codes. ?> All files except config.php and say foobar.php will be encrypted for proprietary reasons. I need to check if the accessing script is 'foobar.php' inside the license_check.php; see, the user can still access to the config.php and can tamper the $_SERVER--which is the only way now to get the current accessing script, AFA*I*K. In this case, if I have get_project_env(), it will return untampered current URI, accessing script, etc. This will be very helpful. Thanks, R. Rajesh Jeba Anbiah -- Edit bug report at http://bugs.php.net/?id=40853&edit=1 -- Try a CVS snapshot (PHP 4.4): http://bugs.php.net/fix.php?id=40853&r=trysnapshot44 Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=40853&r=trysnapshot52 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=40853&r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=40853&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=40853&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=40853&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=40853&r=needscript Try newer version: http://bugs.php.net/fix.php?id=40853&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=40853&r=support Expected behavior: http://bugs.php.net/fix.php?id=40853&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=40853&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=40853&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=40853&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=40853&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=40853&r=dst IIS Stability: http://bugs.php.net/fix.php?id=40853&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=40853&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=40853&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=40853&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=40853&r=mysqlcfg