469,318 Members | 1,931 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,318 developers. It's quick & easy.

action="<?=$PHP_SELF?>">

Can not determine how "<?=PHP_SELF?>" is supposed to work.

The below is the line of code.
<!-- <form name="search" method="post" action="<?=$PHP_SELF?>"-->

When the above statement is run the following is the result.

You don't have permission to access /dev/forms/forms_testing/< on this
server.

Jun 6 '07 #1
18 10327
zoilus wrote:
Can not determine how "<?=PHP_SELF?>" is supposed to work.

The below is the line of code.
<!-- <form name="search" method="post" action="<?=$PHP_SELF?>"-->

When the above statement is run the following is the result.

You don't have permission to access /dev/forms/forms_testing/< on this
server.
Hi,

Why make things complicated?
Why don't you just fill in the name of the script you want?
Don't you know how your script is named?

I never understood why people want to use PHP_SELF.
:-/

Regards,
Erwin Moller
Jun 6 '07 #2
As I often do, I try learning from other peoples work. This script was
on a site and I thought it interesting. Trying to dig out interesting
tidbits. I had already put the 'search.php' in it's place but was
curious as to what and why $PHP_SELF was "Trying to be used" because is
was not working. This made it more interesting. I looked up what I think
it was to do but still can not figure out why it is not working.

Anyway.....
Erwin Moller wrote:
zoilus wrote:

>>Can not determine how "<?=PHP_SELF?>" is supposed to work.

The below is the line of code.
<!-- <form name="search" method="post" action="<?=$PHP_SELF?>"-->

When the above statement is run the following is the result.

You don't have permission to access /dev/forms/forms_testing/< on this
server.


Hi,

Why make things complicated?
Why don't you just fill in the name of the script you want?
Don't you know how your script is named?

I never understood why people want to use PHP_SELF.
:-/

Regards,
Erwin Moller

Jun 6 '07 #3
Erwin Moller wrote:
I never understood why people want to use PHP_SELF.
Portability.

Cheers,
--
----------------------------------
Iván Sánchez Ortega -ivansanchez-algarroba-escomposlinux-punto-org-

http://acm.asoc.fi.upm.es/~mr/
Proudly running Debian Linux with 2.6.20-1-amd64 kernel, KDE 3.5.7, and PHP
5.2.2-2 generating this signature.
Uptime: 18:17:59 up 6 days, 20 min, 3 users, load average: 1.52, 2.26,
2.15

Jun 6 '07 #4
zoilus wrote:
As I often do, I try learning from other peoples work. This script was
on a site and I thought it interesting. Trying to dig out interesting
tidbits. I had already put the 'search.php' in it's place but was
curious as to what and why $PHP_SELF was "Trying to be used" because is
was not working. This made it more interesting. I looked up what I think
it was to do but still can not figure out why it is not working.

Anyway.....

Hi Zoilus,

The one and foremost way to debug form-postings (in my humble opinion of
course) is dumping the posting in PHP.

for example: You post a form with method="post" to search.php

then in search.php start with this:

<?php
// dump the post
echo "<pre>";
print_r($_POST);
echo "</pre>";
exit;
?>

I must have typed the sequence of lines a zillion times by now. ;-)

You can do the same with $_GET (for forms that use method="get").
or for cookies: $_COOKIE
or actually for any array you might want to inspect.

Do not forget the <pre>..</prebecause print_r() is nicely formatted only
if you use pre.

Hope that helps.
Regards,
Erwin Moller
>

Erwin Moller wrote:
>zoilus wrote:

>>>Can not determine how "<?=PHP_SELF?>" is supposed to work.

The below is the line of code.
<!-- <form name="search" method="post" action="<?=$PHP_SELF?>"-->

When the above statement is run the following is the result.

You don't have permission to access /dev/forms/forms_testing/< on this
server.


Hi,

Why make things complicated?
Why don't you just fill in the name of the script you want?
Don't you know how your script is named?

I never understood why people want to use PHP_SELF.
:-/

Regards,
Erwin Moller

Jun 6 '07 #5
Iván Sánchez Ortega wrote:
Erwin Moller wrote:
>I never understood why people want to use PHP_SELF.

Portability.
Right, I see your point.
Comes in handy when using general form-generating routines and the like. ;-)

Regards,
Erwin Moller
>
Cheers,
Jun 6 '07 #6
On 6 Jun, 16:56, zoilus <zol...@someplace.orgwrote:
Can not determine how "<?=PHP_SELF?>" is supposed to work.

The below is the line of code.
<!-- <form name="search" method="post" action="<?=$PHP_SELF?>"-->

When the above statement is run the following is the result.

You don't have permission to access /dev/forms/forms_testing/< on this
server.
Erm... why don't you just view the HTML source to see what's in the
$PHP_SELF variable?

Jun 6 '07 #7
On Jun 6, 10:56 am, zoilus <zol...@someplace.orgwrote:
Can not determine how "<?=PHP_SELF?>" is supposed to work.

The below is the line of code.
<!-- <form name="search" method="post" action="<?=$PHP_SELF?>"-->

When the above statement is run the following is the result.

You don't have permission to access /dev/forms/forms_testing/< on this
server.
not sure your version of php or it's config, but try using
$_SERVER['PHP_SELF']; or set a global variable to $PHP_SELF =
$_SERVER['PHP_SELF']; then reference throughout your app whenever
necessary.

Also, educate yourself a bit more on this subject at http://us.php.net/reserved.variables

hth,

-----------
Gene Kelley
LAMP Web Application Developer
BizFlowDesigns.com
St. Louis, Missouri, USA

Jun 6 '07 #8
zoilus wrote:
>
Can not determine how "<?=PHP_SELF?>" is supposed to work.

The below is the line of code.
<!-- <form name="search" method="post" action="<?=$PHP_SELF?>"-->

When the above statement is run the following is the result.

You don't have permission to access /dev/forms/forms_testing/< on this
server.
The <?=PHP_SELF?syntax requires short tags and register globals to be
on. Both are off on most default installations nowadays. Try this and
see if that works:

<?php echo $_SERVER['PHP_SELF']; ?>
Jun 6 '07 #9
Erwin Moller wrote:
Iván Sánchez Ortega wrote:
>Erwin Moller wrote:
>>I never understood why people want to use PHP_SELF.
Portability.

Right, I see your point.
Comes in handy when using general form-generating routines and the like. ;-)
I would advise:

// prevent some wiseass XSS insertion
$sanitized=htmlentities($_SERVER['PHP_SELF']);

<form action="<?php echo $sanitized; ?>" method="post">
--
Take care,

Jonathan
-------------------
LITTLE WORKS STUDIO
http://www.LittleWorksStudio.com
Jun 6 '07 #10
Ok, if one of you fine folks would like to explain this one. I do not
understand.

Erwin Moller wrote:
Iván Sánchez Ortega wrote:

>>Erwin Moller wrote:

>>>I never understood why people want to use PHP_SELF.

Portability.


Right, I see your point.
Comes in handy when using general form-generating routines and the like. ;-)

Regards,
Erwin Moller

>>Cheers,

Jun 6 '07 #11
Here ya go.

<h2>Search</h2>
<form name="search" method="post" action="<?=$PHP_SELF?>">
Seach for: <input type="text" name="find" /in
<Select NAME="field">
<Option VALUE="fname">First Name</option>
<Option VALUE="lname">Last Name</option>
<Option VALUE="info">Profile</option>
</Select>
<input type="hidden" name="searching" value="yes" />
<input type="submit" name="search" value="Search" />
</form>

gbbulldog wrote:
On 6 Jun, 16:56, zoilus <zol...@someplace.orgwrote:
>>Can not determine how "<?=PHP_SELF?>" is supposed to work.

The below is the line of code.
<!-- <form name="search" method="post" action="<?=$PHP_SELF?>"-->

When the above statement is run the following is the result.

You don't have permission to access /dev/forms/forms_testing/< on this
server.


Erm... why don't you just view the HTML source to see what's in the
$PHP_SELF variable?
Jun 6 '07 #12
I had been trying this one and a few others without success, until I
used this

// $PHP_SELF=$_SERVER['PHP_SELF']; //r&d
// print "$PHP_SELF"; //r&d

The above worked while others just blanked my php output.


Anonymous wrote:
zoilus wrote:
>>Can not determine how "<?=PHP_SELF?>" is supposed to work.

The below is the line of code.
<!-- <form name="search" method="post" action="<?=$PHP_SELF?>"-->

When the above statement is run the following is the result.

You don't have permission to access /dev/forms/forms_testing/< on this
server.


The <?=PHP_SELF?syntax requires short tags and register globals to be
on. Both are off on most default installations nowadays. Try this and
see if that works:

<?php echo $_SERVER['PHP_SELF']; ?>
Jun 6 '07 #13
Thanks, good suggestion. I will.

Jonathan N. Little wrote:
Erwin Moller wrote:
>Iván Sánchez Ortega wrote:
>>Erwin Moller wrote:

I never understood why people want to use PHP_SELF.

Portability.


Right, I see your point.
Comes in handy when using general form-generating routines and the
like. ;-)


I would advise:

// prevent some wiseass XSS insertion
$sanitized=htmlentities($_SERVER['PHP_SELF']);

<form action="<?php echo $sanitized; ?>" method="post">

Jun 6 '07 #14
Rik
On Thu, 07 Jun 2007 00:03:09 +0200, zoilus <zo****@someplace.orgwrote:
I had been trying this one and a few others without success, until I
used this

// $PHP_SELF=$_SERVER['PHP_SELF']; //r&d
// print "$PHP_SELF"; //r&d

The above worked while others just blanked my php output.
Some pointers:

- Never ever use the <?=$varname ?syntax. (Which assumes both shorttags
and register_globals set to On, both of which are a Bad Idea)

- Do not expect any magic variable to exist except the ones listed on
http://www.php.net/manual/en/languag...predefined.php (well,
including $this in classes etc.)

Also, putting double quotes around a single variable to echo, print, or do
anything else with it is just plain silly. All it does is it casts it toa
string, which is already assumed by echo/print constructs. If you really
need to cast it to a string, using strval() (only for scalars) or
(string)$varname is preferred. See
http://www.php.net/manual/en/languag...e-juggling.php for more
details on this.
Short answer:
<?php echo $_SERVER['PHP_SELF']; ?works almost all the time, depending
on what webserver you use (as it isn't provided by PHP itself, the server
tells PHP what it should be).
--
Rik Wasmus
Jun 6 '07 #15
Uneducated perhaps, but

3 a : weak in intellect : FOOLISH b : exhibiting or indicative of a lack
of common sense or sound judgment <a very silly mistake>

Ouch.
Rik wrote:
On Thu, 07 Jun 2007 00:03:09 +0200, zoilus <zo****@someplace.orgwrote:
>I had been trying this one and a few others without success, until I
used this

// $PHP_SELF=$_SERVER['PHP_SELF']; //r&d
// print "$PHP_SELF"; //r&d

The above worked while others just blanked my php output.


Some pointers:

- Never ever use the <?=$varname ?syntax. (Which assumes both
shorttags and register_globals set to On, both of which are a Bad Idea)

- Do not expect any magic variable to exist except the ones listed on
http://www.php.net/manual/en/languag...predefined.php (well,
including $this in classes etc.)

Also, putting double quotes around a single variable to echo, print, or
do anything else with it is just plain silly. All it does is it casts
it to a string, which is already assumed by echo/print constructs. If
you really need to cast it to a string, using strval() (only for
scalars) or (string)$varname is preferred. See
http://www.php.net/manual/en/languag...e-juggling.php for more
details on this.
Short answer:
<?php echo $_SERVER['PHP_SELF']; ?works almost all the time,
depending on what webserver you use (as it isn't provided by PHP
itself, the server tells PHP what it should be).
Jun 6 '07 #16
Uneducated perhaps, but

3 a : weak in intellect : FOOLISH b : exhibiting or indicative of a lack
of common sense or sound judgment <a very silly mistake>

Ouch. ;)
Rik wrote:
On Thu, 07 Jun 2007 00:03:09 +0200, zoilus <zo****@someplace.orgwrote:
>I had been trying this one and a few others without success, until I
used this

// $PHP_SELF=$_SERVER['PHP_SELF']; //r&d
// print "$PHP_SELF"; //r&d

The above worked while others just blanked my php output.


Some pointers:

- Never ever use the <?=$varname ?syntax. (Which assumes both
shorttags and register_globals set to On, both of which are a Bad Idea)

- Do not expect any magic variable to exist except the ones listed on
http://www.php.net/manual/en/languag...predefined.php (well,
including $this in classes etc.)

Also, putting double quotes around a single variable to echo, print, or
do anything else with it is just plain silly. All it does is it casts
it to a string, which is already assumed by echo/print constructs. If
you really need to cast it to a string, using strval() (only for
scalars) or (string)$varname is preferred. See
http://www.php.net/manual/en/languag...e-juggling.php for more
details on this.
Short answer:
<?php echo $_SERVER['PHP_SELF']; ?works almost all the time,
depending on what webserver you use (as it isn't provided by PHP
itself, the server tells PHP what it should be).
Jun 6 '07 #17
On Jun 6, 12:45 pm, gbbulldog <gbbull...@googlemail.comwrote:
On 6 Jun, 16:56, zoilus <zol...@someplace.orgwrote:
Can not determine how "<?=PHP_SELF?>" is supposed to work.
The below is the line of code.
<!-- <form name="search" method="post" action="<?=$PHP_SELF?>"-->
When the above statement is run the following is the result.
You don't have permission to access /dev/forms/forms_testing/< on this
server.

Erm... why don't you just view the HTML source to see what's in the
$PHP_SELF variable?
How about checking register globals for the first thing. If you have
it turned off, $PHP_SEKF is a junk variable with no meaning. Use
$_SERVER['PHP_SELF'] to be safe from register globals nightmares.

Spaghetti code starts with register_globals.

~A!

Jun 7 '07 #18
zoilus wrote:
Ok, if one of you fine folks would like to explain this one. I do not
understand.
Hi Zoilus,

First a housekeeping remark: Please do not toppost.
Try to insert your question/comments under the part where they belong.
Look at this old joke:

Answer: Because it destroys the natural order of the conversation.
Question: Why is that?
Answer: Topposting
Question: What is the most annoying thing on usenet?

;-)

About the PHP_SELF usage: I told you not to use it because you can just fill
in the name of the script you want to receive your form.
I also said I didn't see a point in using PHP_SELF.
Then Ivan said there is a good point: portability.
What he ment is that you can write code that you can use in other scripts
too, be it in classes or in a functionlib.
If you do not know WHAT the name of your own script is, you can use PHP_SELF
to fetch that for you.
If you cannot follow, do not mind. It only matters when you want to write a
functionlib or a few classes that you use to recycle some logic.
I would advise you not to use PHP_SELF for now. Maybe later when you are
more confortable with postings and forms.

The main point is that the action-tag in the form should hold a scriptname
so the browser knows where to send the info.

Hope that clarifies it a bit.

Regards,
Erwin Moller
>
Erwin Moller wrote:
>Iván Sánchez Ortega wrote:

>>>Erwin Moller wrote:
I never understood why people want to use PHP_SELF.

Portability.


Right, I see your point.
Comes in handy when using general form-generating routines and the like.
;-)

Regards,
Erwin Moller

>>>Cheers,

Jun 7 '07 #19

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

3 posts views Thread by Ankur Gupta | last post: by
4 posts views Thread by Murali | last post: by
2 posts views Thread by KC Wong | last post: by
reply views Thread by Anthony Hart-Jones | last post: by
5 posts views Thread by Jerim79 | last post: by
1 post views Thread by CARIGAR | last post: by
reply views Thread by zhoujie | last post: by
reply views Thread by suresh191 | last post: by
reply views Thread by listenups61195 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.