On Thu, May 19, 2011 at 15:04, Scott Baker <[email protected]> wrote:
> I have a script:
>
> http://www.perturb.org/index.php
>
> I accidentally put a trailing / on the url and it STILL loaded:
>
> http://www.perturb.org/index.php/
>
> Is that a bug in URL interpretation? I've tried it on three servers and
> all seem to have the same behavior. All three were Apache on Linux, but
> different versions as far back as PHP 5.2.x.
It's not only intentional, it's also an exploitable feature used
in search engine-friendly URLs and such, and is used by frameworks
including CodeIgniter.
You can grab that data from the $_SERVER['PATH_INFO'] superglobal
value. Try this:
<?php
// Filename: test.php
var_dump($_SERVER['PATH_INFO']);
?>
Then, if that file is in the web root of your local machine, hit it like so:
http://localhost/test.php/this/is/neat
http://localhost/test.php/another/fine/day/in/the/suburbs
http://localhost/test.php/
http://localhost/test.php
http://localhost/test.php/check/this/out?foo=bar&fruit[]=apple&fruit[]=banana&fruit[]=cherry
This way, you can see a variety of examples of how it grabs that
and only that. Now get creative. ;-P
--
</Daniel P. Brown>
Network Infrastructure Manager
http://www.php.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
