Connecting Tech Pros Worldwide Forums | Help | Site Map
bytes > topic > php > answers

does die() allow PHP to be sent to the browser screen?

lkrubner@geocities.com
Guest
  
Posts: n/a
#1: Jul 17 '05

I'm shocked to see that on a page that failed, all the PHP that came
after a die() statement got sent to the screen, so anyone could see it.
If I'd had passwords visible in the code, I'd be in deep trouble. This
is what I saw on screen:

-----------------------------------

Whoa. Serious misconfiguration, dude. The software is looking
everywhere for a file called McControllerForAll.php but not finding it.
It needs that file in a big way. Spelling is case senstive. If somehow
the file is lost, you can always find a new copy at Public Domain
Software");

$controllerForAll = new McControllerForAll();
$controllerForAll->getConfig();
$controllerForAll->includeTheFilesThatThisSoftwareNeedsToRun();
$pageRender = & $controllerForAll->getObject("McRenderPage", " Called
on the index page, the 31st line of code");
$pageRender->getGlobalEvents(); $pageRender->runMainLoop(); ?>
R. Rajesh Jeba Anbiah
Guest
  
Posts: n/a
#2: Jul 17 '05

re: does die() allow PHP to be sent to the browser screen?

lkrub...@geocities.com wrote:[color=blue]
> I'm shocked to see that on a page that failed, all the PHP that came
> after a die() statement got sent to the screen, so anyone could see[/color]
it.
<snip>

Didn't happen to me. But, can't make judgement unless seeing at
least few lines of code.

--
<?php echo 'Just another PHP saint'; ?>
Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/
Richards Noah \(IFR LIT MET\)
Guest
  
Posts: n/a
#3: Jul 17 '05

re: does die() allow PHP to be sent to the browser screen?

<lkrubner@geocities.com> wrote in message
news:1105986555.248426.279140@c13g2000cwb.googlegr oups.com...[color=blue]
>
> I'm shocked to see that on a page that failed, all the PHP that came
> after a die() statement got sent to the screen, so anyone could see it.
> If I'd had passwords visible in the code, I'd be in deep trouble. This
> is what I saw on screen:
>[/color]
<snip>

No, die _does not_ print out all of the code after it. It does precisely
what you would expect: prints out whatever string you give it and terminates
execution of PHP.

That being said, your problem is probably a typo somewhere. Post the code
that you used (copy & paste, don't retype) and we'll help you find the
problem.
Tony Marston
Guest
  
Posts: n/a
#4: Jul 17 '05

re: does die() allow PHP to be sent to the browser screen?

The die() function does not print out anything. You have some code in your
application that does when an error occurs. I suggest you look for it and
change it.

--
Tony Marston

http://www.tonymarston.net



<lkrubner@geocities.com> wrote in message
news:1105986555.248426.279140@c13g2000cwb.googlegr oups.com...[color=blue]
>
> I'm shocked to see that on a page that failed, all the PHP that came
> after a die() statement got sent to the screen, so anyone could see it.
> If I'd had passwords visible in the code, I'd be in deep trouble. This
> is what I saw on screen:
>
> -----------------------------------
>
> Whoa. Serious misconfiguration, dude. The software is looking
> everywhere for a file called McControllerForAll.php but not finding it.
> It needs that file in a big way. Spelling is case senstive. If somehow
> the file is lost, you can always find a new copy at Public Domain
> Software");
>
> $controllerForAll = new McControllerForAll();
> $controllerForAll->getConfig();
> $controllerForAll->includeTheFilesThatThisSoftwareNeedsToRun();
> $pageRender = & $controllerForAll->getObject("McRenderPage", " Called
> on the index page, the 31st line of code");
> $pageRender->getGlobalEvents(); $pageRender->runMainLoop(); ?>
>[/color]
Andy Barfield
Guest
  
Posts: n/a
#5: Jul 17 '05

re: does die() allow PHP to be sent to the browser screen?

lkrubner@geocities.com wrote:
[color=blue]
> I'm shocked to see that on a page that failed, all the PHP that came
> after a die() statement got sent to the screen, so anyone could see it.
> If I'd had passwords visible in the code, I'd be in deep trouble. This
> is what I saw on screen:
>
> -----------------------------------
>
> Whoa. Serious misconfiguration, dude. The software is looking
> everywhere for a file called McControllerForAll.php but not finding it.
> It needs that file in a big way. Spelling is case senstive. If somehow
> the file is lost, you can always find a new copy at Public Domain
> Software");[/color]
^^^
That "); suggests that you may have opened string in the die() call with
a single quote, as the double quotes have not terminated the string.

Regards,

Andy
Closed Thread

« previous question | next question »

Similar PHP bytes

/bytes/development

/bytes/it

Forums
Visit our community forums for general discussions and latest on Bytes

Our staff and community areas have moved to bytes.com/forums/

/bytes/about

We are a network of experts and professionals in IT and software development that help one another with answers to tough questions and share insights. Get the best answers to your questions from over 226,384 network members.

dev questions:
algorithms | asp | asp.net | c/c++ | coldfusion | c# | flash | html/css | java | javascript |
mobile dev | .net | perl | php | python | ruby | software dev | vb.net | visual basic | xml
it questions:
access | apache | careers | db2 | iis | macosx | mysql | networking | oracle | postgresql | sql server | unix | windows

About Bytes | Copyright 1995-2009 BYTES. All rights Reserved