stackoom
  简体   繁体   中英

$_SERVER[“PHP_SELF”] Apache/Xampp forbidden access

 原文  2014-05-16 02:45:04       php/ apache/ permissions/ xampp

Question

I am using an Xampp/Apache server on localhost.

I am trying to use an action on a form which posts to "register.php". 

<form method="post" action= "<?php echo htmlspecialchars($_SERVER["register.php"]);?>">

I get a 403 error "Access Forbidden".

In the url it states: 

<br%20/><b>Notice</b>:%20%20Undefined%20index:%20register.php%20in%20<b>C:/xampp/htdocs/2001/create_account.php</b>%20on%20line%20<b>45</b><br%20/>

(Error on line 45 which is the line of code above).

The file this code is in is a php file, create_account.php

I have tried changing apache httpd.conf permissions, no changes. I have tried finding the solution elsewhere but no luck with a fix.

2 answers

solution1
 0 ACCPTED  2014-05-16 03:09:13

You will need to read the manual page for $_SERVER carefully http://www.php.net/manual/en/reserved.variables.server.php

you may find action="register.php" is all you will need

solution2
 0  2018-06-17 10:54:49

In your code example you've tried to call for an undefined key which array $_SERVER doesn't have and therefor you've got an error.

$_SERVER is a php superglobal and it's form is an array. Arrays can be indexed, associative or mutlidimensional. Associative arrays use keys to accesses values ('key' => 'value') . Example of an associative array: 

$person=array('Name' => 'John', 'Last name' => 'Spencer', 'Age' => 22);

In order to get John's last name you'd first need to specify the array in which all of the information is being held ( $person ) and then request certain information from that array via key ( ['Last name'] ). Example of such request: 

$lastName=$person['Last name'];

If you already know the page you'd like to accesses you should type it in HTML as plain text ( method="register.php" ), there's no need for any php functionality in doing this. Function htmlspecialchars() also isn't necessary since you are the one typing and there's no need to sanitize your own input.

Better than plain text however would be to use $_SERVER['PHP_SELF'] which returns relative path to the page you're currently on. This way is better than previous since if at some point you were to rename your file you wouldn't have to change to your form's method value unlike in previous example.

Finally if you're not leaving the page you're currently on you could also place an empty string as method ( method="" ).

Recommended for further read:

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question problem with $_SERVER['PHP_SELF'] Xampp Access Forbidden php php `$_SERVER['PHP_SELF']` is empty Filter PHP's $_SERVER['PHP_SELF'] jQuery equivalent of $_SERVER[PHP_SELF] $_SERVER['PHP_SELF'] doesn't work? $_SERVER['PHP_SELF'] vulnerability not “working”? Using the superglobal $_SERVER['PHP_SELF'] $_SERVER['PHP_SELF'] wiping form, not posting Redirecting URL with elseif $_SERVER['PHP_SELF']
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM