Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    Regular Coder
    Join Date
    Jul 2008
    Posts
    150
    Thanks
    24
    Thanked 0 Times in 0 Posts

    how can i got the full path variable ??

    hello,
    if i have file in path like htt://site.com/path/file.php , when i needs to got the path in variable iam doing it like that

    PHP Code:
    $path "http://" $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; 
    but what if i got htt://site.com/path/file.php?id=11 , so with link like that if i used the previous variable it gonna give me only htt://site.com/path/file.php .

    so please what variable should i use to got the full path htt://site.com/path/file.php?id=11

    thanks

  • #2
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,994
    Thanks
    4
    Thanked 2,662 Times in 2,631 Posts
    Never use PHP_SELF for well... anything. It is xss exploitable.
    To include the querystring, you can append the QUERY_STRING server variable, or you can replace the $_SERVER['PHP_SELF'] with $_SERVER['REQUEST_URI']. The querystring will also be included in the argv directive if its been defined.

    Actually, now that I think about this, I'm pretty sure that REQUEST_URI is in the same boat.
    Use SCRIPT_NAME + QUERY_STRING values from the server superglobal instead. Probably the best route.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 
    Been gone for a few months, and haven't programmed in that long of a time. Meh, I'll wing it ;)

  • Users who have thanked Fou-Lu for this post:

    crazy.works (03-10-2009)

  • #3
    Regular Coder
    Join Date
    Jul 2008
    Posts
    150
    Thanks
    24
    Thanked 0 Times in 0 Posts
    thanks a lot


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •