action="<?=$PHP_SELF?>">

**Erwin Moller** · Jun 6 '07, 04:15 PM

Re: action="&l t;?=$PHP_SELF?& gt;">

zoilus wrote:

Can not determine how "<?=PHP_SEL F?>" is supposed to work.
>
The below is the line of code.

>
When the above statement is run the following is the result.
>
You don't have permission to access /dev/forms/forms_testing/< on this
server.

Hi,

Why make things complicated?
Why don't you just fill in the name of the script you want?
Don't you know how your script is named?

I never understood why people want to use PHP_SELF.
:-/

Regards,
Erwin Moller

**zoilus** · Jun 6 '07, 04:25 PM

Re: action="&l t;?=$PHP_SELF?& gt;">

As I often do, I try learning from other peoples work. This script was
on a site and I thought it interesting. Trying to dig out interesting
tidbits. I had already put the 'search.php' in it's place but was
curious as to what and why $PHP_SELF was "Trying to be used" because is
was not working. This made it more interesting. I looked up what I think
it was to do but still can not figure out why it is not working.

Anyway.....

Erwin Moller wrote:

zoilus wrote:
>
>

>>Can not determine how "<?=PHP_SEL F?>" is supposed to work.
>>
>>The below is the line of code.
>>
>>
>>When the above statement is run the following is the result.
>>
>>You don't have permission to access /dev/forms/forms_testing/< on this
>>server.

>
>
Hi,
>
Why make things complicated?
Why don't you just fill in the name of the script you want?
Don't you know how your script is named?
>
I never understood why people want to use PHP_SELF.
:-/
>
Regards,
Erwin Moller
>
>

**=?ISO-8859-15?Q?Iv=E1n_S=E1nchez_Ortega?=** · Jun 6 '07, 04:25 PM

Re: action="&l t;?=$PHP_SELF?& gt;">

Erwin Moller wrote:

I never understood why people want to use PHP_SELF.

Portability.

Cheers,
--
----------------------------------
Iván Sánchez Ortega -ivansanchez-algarroba-escomposlinux-punto-org-

http://acm.asoc.fi.upm.es/~mr/

Proudly running Debian Linux with 2.6.20-1-amd64 kernel, KDE 3.5.7, and PHP
5.2.2-2 generating this signature.
Uptime: 18:17:59 up 6 days, 20 min, 3 users, load average: 1.52, 2.26,
2.15

**Erwin Moller** · Jun 6 '07, 04:35 PM

Re: action="&l t;?=$PHP_SELF?& gt;">

zoilus wrote:

As I often do, I try learning from other peoples work. This script was
on a site and I thought it interesting. Trying to dig out interesting
tidbits. I had already put the 'search.php' in it's place but was
curious as to what and why $PHP_SELF was "Trying to be used" because is
was not working. This made it more interesting. I looked up what I think
it was to do but still can not figure out why it is not working.
>
Anyway.....

Hi Zoilus,

The one and foremost way to debug form-postings (in my humble opinion of
course) is dumping the posting in PHP.

for example: You post a form with method="post" to search.php

then in search.php start with this:

<?php
// dump the post
echo "<pre>";
print_r($_POST) ;
echo "</pre>";
exit;
?>

I must have typed the sequence of lines a zillion times by now. ;-)

You can do the same with $_GET (for forms that use method="get").
or for cookies: $_COOKIE
or actually for any array you might want to inspect.

Do not forget the <pre>..</prebecause print_r() is nicely formatted only
if you use pre.

Hope that helps.
Regards,
Erwin Moller

>
>
Erwin Moller wrote:
>

>zoilus wrote:
>>
>>

>>>Can not determine how "<?=PHP_SEL F?>" is supposed to work.
>>>
>>>The below is the line of code.
>>>
>>>
>>>When the above statement is run the following is the result.
>>>
>>>You don't have permission to access /dev/forms/forms_testing/< on this
>>>server.

>>
>>
>Hi,
>>
>Why make things complicated?
>Why don't you just fill in the name of the script you want?
>Don't you know how your script is named?
>>
>I never understood why people want to use PHP_SELF.
>:-/
>>
>Regards,
>Erwin Moller
>>
>>

**Erwin Moller** · Jun 6 '07, 04:35 PM

Re: action="&l t;?=$PHP_SELF?& gt;">

Iván Sánchez Ortega wrote:

Erwin Moller wrote:
>

>I never understood why people want to use PHP_SELF.

>
Portability.

Right, I see your point.
Comes in handy when using general form-generating routines and the like. ;-)

Regards,
Erwin Moller

>
Cheers,

**gbbulldog** · Jun 6 '07, 04:55 PM

Re: action="&l t;?=$PHP_SELF?& gt;">

On 6 Jun, 16:56, zoilus <zol...@somepla ce.orgwrote:

Can not determine how "<?=PHP_SEL F?>" is supposed to work.
>
The below is the line of code.

>
When the above statement is run the following is the result.
>
You don't have permission to access /dev/forms/forms_testing/< on this
server.

Erm... why don't you just view the HTML source to see what's in the
$PHP_SELF variable?

**phpCodeHead** · Jun 6 '07, 04:55 PM

Re: action="&l t;?=$PHP_SELF?& gt;">

On Jun 6, 10:56 am, zoilus <zol...@somepla ce.orgwrote:

Can not determine how "<?=PHP_SEL F?>" is supposed to work.
>
The below is the line of code.

>
When the above statement is run the following is the result.
>
You don't have permission to access /dev/forms/forms_testing/< on this
server.

not sure your version of php or it's config, but try using
$_SERVER['PHP_SELF']; or set a global variable to $PHP_SELF =
$_SERVER['PHP_SELF']; then reference throughout your app whenever
necessary.

Also, educate yourself a bit more on this subject at http://us.php.net/reserved.variables

hth,

-----------
Gene Kelley
LAMP Web Application Developer
BizFlowDesigns. com
St. Louis, Missouri, USA

**Anonymous** · Jun 6 '07, 06:15 PM

Re: action="&l t;?=$PHP_SELF?& gt;">

zoilus wrote:

>
Can not determine how "<?=PHP_SEL F?>" is supposed to work.
>
The below is the line of code.

>
When the above statement is run the following is the result.
>
You don't have permission to access /dev/forms/forms_testing/< on this
server.

The <?=PHP_SELF?syn tax requires short tags and register globals to be
on. Both are off on most default installations nowadays. Try this and
see if that works:

<?php echo $_SERVER['PHP_SELF']; ?>

**Jonathan N. Little** · Jun 6 '07, 06:55 PM

Re: action="&l t;?=$PHP_SELF?& gt;">

Erwin Moller wrote:

Iván Sánchez Ortega wrote:
>

>Erwin Moller wrote:
>>

>>I never understood why people want to use PHP_SELF.

>Portability.

>
Right, I see your point.
Comes in handy when using general form-generating routines and the like. ;-)

I would advise:

// prevent some wiseass XSS insertion
$sanitized=html entities($_SERV ER['PHP_SELF']);

<form action="<?php echo $sanitized; ?>" method="post">

--
Take care,

Jonathan
-------------------
LITTLE WORKS STUDIO

Little Works Studio Site Maintainance

http://www.LittleWorksStudio.com

**zoilus** · Jun 6 '07, 09:55 PM

Re: action="&l t;?=$PHP_SELF?& gt;">

Ok, if one of you fine folks would like to explain this one. I do not
understand.

Erwin Moller wrote:

Iván Sánchez Ortega wrote:
>
>

>>Erwin Moller wrote:
>>
>>

>>>I never understood why people want to use PHP_SELF.

>>
>>Portability .

>
>
Right, I see your point.
Comes in handy when using general form-generating routines and the like. ;-)
>
Regards,
Erwin Moller
>
>

>>Cheers,

>
>

**zoilus** · Jun 6 '07, 09:55 PM

Re: action="&l t;?=$PHP_SELF?& gt;">

Here ya go.

<h2>Search</h2>
<form name="search" method="post" action="<?=$PHP _SELF?>">
Seach for: <input type="text" name="find" /in
<Select NAME="field">
<Option VALUE="fname">F irst Name</option>
<Option VALUE="lname">L ast Name</option>
<Option VALUE="info">Pr ofile</option>
</Select>
<input type="hidden" name="searching " value="yes" />
<input type="submit" name="search" value="Search" />
</form>

gbbulldog wrote:

On 6 Jun, 16:56, zoilus <zol...@somepla ce.orgwrote:
>

>>Can not determine how "<?=PHP_SEL F?>" is supposed to work.
>>
>>The below is the line of code.
>>
>>
>>When the above statement is run the following is the result.
>>
>>You don't have permission to access /dev/forms/forms_testing/< on this
>>server.

>
>
Erm... why don't you just view the HTML source to see what's in the
$PHP_SELF variable?
>

**zoilus** · Jun 6 '07, 10:05 PM

Re: action="&l t;?=$PHP_SELF?& gt;">

I had been trying this one and a few others without success, until I
used this

// $PHP_SELF=$_SER VER['PHP_SELF']; //r&d
// print "$PHP_SELF" ; //r&d

The above worked while others just blanked my php output.

Anonymous wrote:

zoilus wrote:
>

>>Can not determine how "<?=PHP_SEL F?>" is supposed to work.
>>
>>The below is the line of code.
>>
>>
>>When the above statement is run the following is the result.
>>
>>You don't have permission to access /dev/forms/forms_testing/< on this
>>server.

>
>
The <?=PHP_SELF?syn tax requires short tags and register globals to be
on. Both are off on most default installations nowadays. Try this and
see if that works:
>
<?php echo $_SERVER['PHP_SELF']; ?>

**zoilus** · Jun 6 '07, 10:15 PM

Re: action="&l t;?=$PHP_SELF?& gt;">

Thanks, good suggestion. I will.

Jonathan N. Little wrote:

Erwin Moller wrote:
>

>Iván Sánchez Ortega wrote:
>>

>>Erwin Moller wrote:
>>>
>>>I never understood why people want to use PHP_SELF.
>>>
>>Portability .

>>
>>
>Right, I see your point.
>Comes in handy when using general form-generating routines and the
>like. ;-)

>
>
I would advise:
>
// prevent some wiseass XSS insertion
$sanitized=html entities($_SERV ER['PHP_SELF']);
>
<form action="<?php echo $sanitized; ?>" method="post">
>
>

**Rik** · Jun 6 '07, 10:15 PM

Re: action="&l t;?=$PHP_SELF?& gt;">

On Thu, 07 Jun 2007 00:03:09 +0200, zoilus <zolius@somepla ce.orgwrote:

I had been trying this one and a few others without success, until I
used this
>
// $PHP_SELF=$_SER VER['PHP_SELF']; //r&d
// print "$PHP_SELF" ; //r&d
>
The above worked while others just blanked my php output.

Some pointers:

- Never ever use the <?=$varname ?syntax. (Which assumes both shorttags
and register_global s set to On, both of which are a Bad Idea)

- Do not expect any magic variable to exist except the ones listed on
http://www.php.net/manual/en/languag...predefined.php (well,
including $this in classes etc.)

Also, putting double quotes around a single variable to echo, print, or do
anything else with it is just plain silly. All it does is it casts it toa
string, which is already assumed by echo/print constructs. If you really
need to cast it to a string, using strval() (only for scalars) or
(string)$varnam e is preferred. See
http://www.php.net/manual/en/languag...e-juggling.php for more
details on this.

Short answer:
<?php echo $_SERVER['PHP_SELF']; ?works almost all the time, depending
on what webserver you use (as it isn't provided by PHP itself, the server
tells PHP what it should be).
--
Rik Wasmus

action="<?=$PHP_SELF?>">

action="<?=$PHP_SELF?>">

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment