[ACCEPTED]-How To Identify The Requested Page In PHP-php

Accepted answer
Score: 26

I decided to test it out myself. The $_SERVER['SCRIPT_NAME'] variable 12 serves up the path to the requested file, even 11 if it's an index file, and without get parameters 10 or anything else. The PHP documentation 9 states this contains the path of the file, but 8 it seems to be relative to the document 7 root, just like PHP_SELF, but without the security 6 vulnerability.

Here is the code I used to 5 test this: https://gist.github.com/dimo414/5484870

The output when requesting example.com/?foo=bar:

__FILE__:               /var/www/index.php
PHP_SELF:               /index.php
SCRIPT_NAME:            /index.php
REQUEST_URI:            /?foo=bar
parse_url(REQUEST_URI): /


__FILE__:               /var/www/pathtest.php
PHP_SELF:               /index.php
SCRIPT_NAME:            /index.php
REQUEST_URI:            /?foo=bar
parse_url(REQUEST_URI): /

And 4 the output when requesting example.com/index.php/<strong>XSS</strong>:

__FILE__:               /var/www/index.php
PHP_SELF:               /index.php/XSS # note the XSS exploit (this is bold in browser)
SCRIPT_NAME:            /index.php     # No exploit here
REQUEST_URI:            /index.php/%3Cstrong%3EXSS%3C/strong%3E
parse_url(REQUEST_URI): /index.php/%3Cstrong%3EXSS%3C/strong%3E


__FILE__:               /var/www/pathtest.php
PHP_SELF:               /index.php/XSS
SCRIPT_NAME:            /index.php
REQUEST_URI:            /index.php/%3Cstrong%3EXSS%3C/strong%3E
parse_url(REQUEST_URI): /index.php/%3Cstrong%3EXSS%3C/strong%3E

As you can see, $_SERVER['SCRIPT_NAME'] always 3 gives back the file that originally handled 2 the request, i.e. the file in the URL, without 1 any XSS risks.

Score: 6
$_SERVER['PHP_SELF']

Should return the actual script. But there 4 are various methods.

I had a better link to a matrix of 3 all the various file-related environment 2 variables but I can't find it. I'll edit 1 if it turns up.

Edit: I found a nice SO thread that details the differences between them.

Score: 2

Go get file name from the requested URL 3 use following code.

basename($_SERVER['URL']);
basename($_SERVER['REQUEST_URI']);
basename($_SERVER['SCRIPT_NAME']);
basename($_SERVER['SCRIPT_FILENAME']);
basename($_SERVER['REQUEST_URI']);
basename($_SERVER['PATH_TRANSLATED']);
basename($_SERVER['PHP_SELF']);

use any one all all of 2 those in the nested if condition so you 1 will not miss file name any how.

Score: 0
  1. parse_url($_SERVER['REQUEST_URI']) and then pathinfo($path) to get requested filename
  2. $_SERVER['PHP_SELF'] to get real filename
  3. $_SERVER['SCRIPT_NAME'] to get real filename

0

More Related questions