By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
434,871 Members | 2,575 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 434,871 IT Pros & Developers. It's quick & easy.

PSP_SELF

P: n/a
I am trying to learn PHP. I am confused as to why I need
$_SERVER['PHP_SELF'] in the first block, but just $PHP_SELF in the 2nd. I
don't see the latter assigned anywhere in the code.

Thanks for any clarifications.


elseif ($delete) {
// delete a record
$sql = "DELETE FROM employees WHERE id=$id";
$result = mysql_query($sql);
echo "$sql Record deleted!<p>";
printf("<a href=\"%s\">Return</a><br>", $_SERVER['PHP_SELF']);
}
else {
// this part happens if we don't press submit
if (!$id) {
// print the list if there is not editing
$result = mysql_query("SELECT * FROM employees",$db);
while ($myrow = mysql_fetch_array($result)) {
printf("<a href=\"%s?id=%s\">%s %s</a> \n", $PHP_SELF,
$myrow["id"], $myrow["first"], $myrow["last"]);
printf("<a href=\"%s?id=%s&delete=yes\">(DELETE)</a><br>",
$PHP_SELF, $myrow["id"]);
}
}


Jul 17 '05 #1
Share this Question
Share on Google+
9 Replies


P: n/a
Buck Turgidson wrote:
I am trying to learn PHP. I am confused as to why I need
$_SERVER['PHP_SELF'] in the first block, but just $PHP_SELF in the 2nd. I
don't see the latter assigned anywhere in the code.

Thanks for any clarifications.


elseif ($delete) {
// delete a record
$sql = "DELETE FROM employees WHERE id=$id";
$result = mysql_query($sql);
echo "$sql Record deleted!<p>";
printf("<a href=\"%s\">Return</a><br>", $_SERVER['PHP_SELF']);
}
else {
// this part happens if we don't press submit
if (!$id) {
// print the list if there is not editing
$result = mysql_query("SELECT * FROM employees",$db);
while ($myrow = mysql_fetch_array($result)) {
printf("<a href=\"%s?id=%s\">%s %s</a> \n", $PHP_SELF,
$myrow["id"], $myrow["first"], $myrow["last"]);
printf("<a href=\"%s?id=%s&delete=yes\">(DELETE)</a><br>",
$PHP_SELF, $myrow["id"]);
}
}


It's a bug.. both should reference $_SERVER['PHP_SELF']

$PHP_SELF is available of register_globals = On, but default install is
with register_globals = Off

--
Justin Koivisto - sp**@koivi.com
http://www.koivi.com
Jul 17 '05 #2

P: n/a
*Buck Turgidson wrote:
I am trying to learn PHP. I am confused as to why I need
$_SERVER['PHP_SELF'] in the first block, but just $PHP_SELF in the 2nd.
I
don't see the latter assigned anywhere in the code.

Thanks for any clarifications.

This has to do with the setting of register_globals:

http://no2.php.net/manual/en/security.globals.php

DO NOT use the $PHP_SELF any more, it is obsolete and will render your
code non-portable.
--
Thomas

SELECT date FROM wife WHERE bitching = '0' AND sex = '1'
Jul 17 '05 #3

P: n/a
Justin Koivisto wrote:
Buck Turgidson wrote:
I am trying to learn PHP. I am confused as to why I need
$_SERVER['PHP_SELF'] in the first block, but just $PHP_SELF in the 2nd.
I don't see the latter assigned anywhere in the code.
See my comments below
elseif ($delete) {
// delete a record
$sql = "DELETE FROM employees WHERE id=$id";
$result = mysql_query($sql);
echo "$sql Record deleted!<p>";
printf("<a href=\"%s\">Return</a><br>", $_SERVER['PHP_SELF']);
}
else {
// this part happens if we don't press submit
if (!$id) {
// print the list if there is not editing
$result = mysql_query("SELECT * FROM employees",$db);
while ($myrow = mysql_fetch_array($result)) {
printf("<a href=\"%s?id=%s\">%s %s</a> \n", $PHP_SELF,
$myrow["id"], $myrow["first"], $myrow["last"]);
printf("<a href=\"%s?id=%s&delete=yes\">(DELETE)</a><br>",
$PHP_SELF, $myrow["id"]);
}
}


It's a bug.. both should reference $_SERVER['PHP_SELF']


A bug .... Where is the bug?
The OP's code or the browser he's using? :-)
The first printf() will print something like

<a href="/script.php">Return</a>

whereas the second will print

<a href="?id=42">First Last</a>
And I think the OP's browser (correctly???) takes the second URL (can
that be called a URL???) as "<current_page>?id=42"


To the OP:

Buck, turn on error reporting for all notices so that you will be
notified when you use variables that do not exit (like $PHP_SELF above).

If you can't change php.ini, insert these two lines at the top of your
scripts:

error_reporting(E_ALL);
ini_set('display_errors', '1');

--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!
Jul 17 '05 #4

P: n/a
Pedro Graca wrote:
the second will print

<a href="?id=42">First Last</a>
<?id=42> is not a relative URI by RFC2396, and so, strictly
speaking, that isn't HTML; luckily, however, that fault was
spotted, and the BNF for relativeURI (now termed relative-
ref) has been revised. <?id=42> is valid under the current
draft-in-progress; see

<http://www.gbiv.com/protocols/uri/rev-2002/issues.html#007-empty-rel_path>
And I think the OP's browser (correctly???) takes the second
URL (can that be called a URL???) as "<current_page>?id=42"


You'd expect that, wouldn't you?

An example from Appendix C in RFC2396 shows that with a base
URI of <http://a/b/c/d;p?q> a relative URI of <?y> resolves
to <http://a/b/c/?y>. With <?y>, you reach step 6 of
RFC2396's resolution algorithm: strip off anything after the
last slash of the base URI and append <?y> to what's left.

The draft-in-progress, on the other hand, shows an example
with the same base and relative URIs which resolves to
<http://a/b/c/d;p?y>.

<http://www.gbiv.com/protocols/uri/rev-2002/issues.html#003-relative-query>

That's the theory anyway; I don't know what browsers
actually do. Tell a lie: Lynx 2.8.3dev.17 follows RFC2396
to the letter, while Opera 7.10 follows the draft-in-
progress and RFC1808. Which browser is right? I wouldn't
call either wrong. Is it wise to use relative URIs with
empty paths? I wouldn't use them.

--
Jock
Jul 17 '05 #5

P: n/a
Someone is thinking too much about the portable Playstation :-)
Jul 17 '05 #6

P: n/a
John Dunlop wrote:
Pedro Graca wrote:
And I think the OP's browser (correctly???) takes the second
URL (can that be called a URL???) as "<current_page>?id=42"


You'd expect that, wouldn't you?


Yes :)
But my expectations aren't necessarily correct.
Thank you for the links and, especially, the detailed explanation.

--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!
Jul 17 '05 #7

P: n/a
>
That's the theory anyway; I don't know what browsers
actually do. Tell a lie: Lynx 2.8.3dev.17 follows RFC2396
to the letter, while Opera 7.10 follows the draft-in-
progress and RFC1808. Which browser is right? I wouldn't
call either wrong. Is it wise to use relative URIs with
empty paths? I wouldn't use them.


I am using Opera, BTW.
Jul 17 '05 #8

P: n/a
Buck, turn on error reporting for all notices so that you will be
notified when you use variables that do not exit (like $PHP_SELF above).

If you can't change php.ini, insert these two lines at the top of your
scripts:

error_reporting(E_ALL);
ini_set('display_errors', '1');


This is an extract of php.ini. It appears to be set.

error_reporting = E_ALL & ~E_NOTICE
display_errors = On
display_startup_errors = Off
log_errors = Off
log_errors_max_len = 1024
Jul 17 '05 #9

P: n/a
Buck Turgidson wrote:
Buck, turn on error reporting for all notices so that you will be
notified when you use variables that do not exit (like $PHP_SELF above).


This is an extract of php.ini. It appears to be set.

error_reporting = E_ALL & ~E_NOTICE


This means show everything except Notices.
The use of uninitialized variables is a notice.

Change it to

error_reporting = E_ALL
and get ready to see a *LOT* ot notices about uninitialized variables.

--
Mail to my "From:" address is readable by all at http://www.dodgeit.com/
== ** ## !! ------------------------------------------------ !! ## ** ==
TEXT-ONLY mail to the whole "Reply-To:" address ("My Name" <my@address>)
may bypass my spam filter. If it does, I may reply from another address!
Jul 17 '05 #10

This discussion thread is closed

Replies have been disabled for this discussion.