Details
-
Bug
-
Status: Closed (View Workflow)
-
Minor
-
Resolution: Fixed
-
3.1.0-dev, 3.1.0-RC1
-
None
Description
This ticket follows my comment on Bug #2978, on which I have been instructed to open a new issue.
PHP docs about reserved server variables explicitely states that PHP_SELF calculate the path of the script relative to the document root.
Thus, it is dealing with the filesystem path to the script, not its URI.
On the contrary, REQUEST_URI (reading the same docs), indicates the path relative to the server host used to access the page.
That resource is the right one to use when considering URI redirections, since it is dealing with... URI.
My point here:
There is no necessary correlation between filesystem path and URI address.
Thus, please consider either:
- avoiding using PHP_SELF for URI redirections
- prioritizing using REQUEST_URI for that purpose
Here is the relevant part of common.php, for the redirection to the install directory when phpBB has been detected not to be installed:
if (!defined('PHPBB_INSTALLED'))
|
{
|
|
|
[...]
|
|
|
$script_name = (!empty($_SERVER['PHP_SELF'])) ? $_SERVER['PHP_SELF'] : getenv('PHP_SELF');
|
if (!$script_name)
|
{
|
$script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI');
|
}
|
|
|
[...]
|
|
|
}
|
This is filled in as a bug since redirections in environments using URI not correlated to filesystem directories fails to redirect to the proper URI, at least on the very first step: before installing.
Attachments
Issue Links
- caused
-
-
- Closed
-