Your message dated Wed, 27 Jan 2016 12:42:34 +0100 with message-id <1453894954.1273866.503920634.20748...@webmail.messagingengine.com> and subject line Closing the non-security bugs against PHP in Debian wheezy (old-stable) has caused the Debian Bug report #730094, regarding [php5-cgi] filter-input not working with INPUT_SERVER to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 730094: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730094 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: php5-cgi Version: 5.4.4-14+deb7u5 Severity: normal --- Please enter the report below this line. --- Dear Maintainer, when using the filter_input function from php5-cgi with INPUT_SERVER, the return value == false always. This doesn't depend on the used filter (unsafe-raw in the following example) or Variable (server-name). $input = filter_input(INPUT_SERVER, "SERVER_NAME", FILTER_UNSAFE_RAW, FILTER_NULL_ON_FAILURE); var_dump($input); var_dump($_SERVER["SERVER_NAME"]); output: boolean false string 'localhost' (length=9) there are some similar bug reports on bugs.php.net: - https://bugs.php.net/bug.php?id=44779 (closed & fixed) - https://bugs.php.net/bug.php?id=49184 (verified) With INPUT_ENV, a similar behaviour seems to occur (I found some reports about that, but did not check this by myself) a possible example for a workaround is: if (filter_has_var(INPUT_SERVER, "SERVER_NAME")) { $servername = filter_input(INPUT_SERVER, "SERVER_NAME", FILTER_UNSAFE_RAW, FILTER_NULL_ON_FAILURE); } else { if (isset($_SERVER["SERVER_NAME"])) $servername = filter_var($_SERVER["SERVER_NAME"], FILTER_UNSAFE_RAW, FILTER_NULL_ON_FAILURE); else $servername = null; } output: string 'localhost' (length=9) with regards, Christoph --- System information. --- Architecture: amd64 Kernel: Linux 3.10-0.bpo.3-amd64 Debian Release: 7.2 500 wheezy-backports mozilla.debian.net 500 stable www.deb-multimedia.org 500 stable repo.wuala.com 500 stable qgis.org 500 stable dl.google.com 500 stable debian.mirror.lrz.de 500 proposed-updates debian.mirror.lrz.de 100 wheezy-backports debian.mirror.lrz.de --- Package information. --- Depends (Version) | Installed ========================================-+-==================== libbz2-1.0 | 1.0.6-4 libc6 (>= 2.11) | libcomerr2 (>= 1.01) | libdb5.1 | libgssapi-krb5-2 (>= 1.6.dfsg.2) | libk5crypto3 (>= 1.6.dfsg.2) | libkrb5-3 (>= 1.6.dfsg.2) | libonig2 (>= 5.2.0) | libpcre3 (>= 8.10) | libqdbm14 (>= 1.8.74) | libssl1.0.0 (>= 1.0.0) | libxml2 (>= 2.8.0) | zlib1g (>= 1:1.1.4) | mime-support | php5-common (= 5.4.4-14+deb7u5) | libmagic1 | ucf | tzdata | Package's Recommends field is empty. Suggests (Version) | Installed =======================-+-=========== php-pear | 5.4.4-14+deb7u5
--- End Message ---
--- Begin Message ---Version: php5/5.6.0+dfsg-1 Feel free to reopen the bugs, if you can reproduce those against current Debian stable PHP version (5.6.17+). Cheers, -- Ondřej Surý <[email protected]> Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server
--- End Message ---
