Hello all, I noticed a problem using PHP 4.2.2 as a cgi parser and Apache 1.3.26 on a slackware 8.0 box running kernel 2.2.21. As I searched the online manual pages, I noticed that "alexis AT mvs DOT com" had already seen this problem. I spoke with him and he said PHP has not answered his questions about it. The problem is when posting a file trought a form like this: <FORM METHOD="POST" ACTION="script.php" ENCTYPE="multipart/form-data"> <INPUT TYPE="FILE" NAME="userfile"> <INPUT TYPE="SUBMIT" VALUE="Send File"> </FORM> In 'script.php', the interpreter is supposed to configure an array called "$_FILES" with several indexes: $_FILES['userfile']['name'] $_FILES['userfile']['tmp_name'] $_FILES['userfile']['type'] $_FILES['userfile']['size'] $_FILES['userfile']['error'] The last one was supposed to follow this codes: 0 : UPLOAD_ERR_OK (file uploaded ok) 1 : UPLOAD_ERR_INI_SIZE (upload exceeds 'upload_max_filesize' in php.ini) 2 : UPLOAD_ERR_FORM_SIZE (upload exceeds 'MAX_FILE_SIZE' in html form) 3 : UPLOAD_ERR_PARTIAL (file uploaded partially) 4 : UPLOAD_ERR_NO_FILE (no file was uploaded) The constants are only supposed to be defined in php 4.3.0, but there's no problem with that. The problem is that if you fill the form with a file that doesn't exist and send it, $_FILES['userfile']['error'] will be set 0 (upload ok)! The only way I found to check if a file was really uploaded is to check the size of the file (it will also be set 0). The point I'm trying to make here is to warn about this issue and to question if there are ways to use this "bug" in cross-script hacking anyway. Thanks, Felipe -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Felipe Franciosi franciozzyat_private Porto Alegre - RS Brazil Phone: (55)(51) 9123 0557 UIN - 33596050 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This archive was generated by hypermail 2b30 : Sat Aug 31 2002 - 19:17:31 PDT