ID: 10930
Updated by: [EMAIL PROTECTED]
Reported By: [EMAIL PROTECTED]
Status: Open
Bug Type: IIS related
Operating System: Windows 2000
PHP Version: 4.0.5
New Comment:
I have experienced the same bug with PHP 4.1.1 (Win32 install build)
and Windows 2000 server. It is really an IIS bug not a PHP bug. The
crux of it is ...
header("Location: $PHP_SELF");
This sends a 'virtual' URI not an absolute URI. (see the <a
href="http://www.php.net/manual/en/function.header.php";>PHP manual for
header function</a>). Why this should crash IIS is unclear since surely
it should cope with a rogue CGI program.
If an absolute URI is sent in the header it does not crash IIS.
This would cause problems on Windows boxes running a number of PHP
websites for end users. Sloppy header coding can cause all the websites
to be unavailable until admin restarts IIS.
Phorum 3.3.2a (www.phorum.org) uses the Location header with a virtual
URI in the admin screens.
Previous Comments:
------------------------------------------------------------------------
[2001-05-17 12:08:03] [EMAIL PROTECTED]
After running the code below, PHP 4.0.5 is no longer able to connecto
to mysql. I have tested this at 2 different locations, and the result
is the same every time. Also after visiting the website with this code
in it, inetinfo.exe (IIS) crashes.
PHP was installed with php405-installer.exe. The problem occurs on
Windows 2000 Professional SP1 & SP2. Windows 2000 server has not been
tested. Below is the code that should be pasted into a webpage, and
then visited with any browser. I accidentally caused inetinfo.exe to
die with this:
<?
/*
This was written (accidentally) by Tyler Longren
<[EMAIL PROTECTED]>.
This was found on accident...thanks to my crappy coding. :)
Date: 05-14-2001
Kills: Inetinfo.exe on Win2k
*/
session_start();
session_register('username');
session_register('password');
header("Location: $PHP_SELF");
if ($formusername) {
mysql_connect("$mysql_host","$mysql_user","$mysql_pass");
mysql_select_db("$mysql_db");
$auth_sql = mysql_query("SELECT * FROM $mysql_user_table WHERE
username =
'$formusername' AND password = '$formpassword'");
$user_exists = mysql_num_rows($auth_sql);
if ($user_exists == "1") {
$username = $formusername;
$password = $formpassword;
}
else {
$login_error = "<font face=Arial
size=2><b>Error:</b></font><br><font
face=Arial size=1>Wrong<br>username/password</b></font>";
session_unregister('username');
session_unregister('password');
}
}
else {
mysql_connect("$mysql_host","$mysql_user","$mysql_pass");
mysql_select_db("$mysql_db");
$auth_sql = mysql_query("SELECT * FROM $mysql_user_table WHERE
username =
'$username' AND password = '$password'");
$user_exists = mysql_num_rows($auth_sql);
if ($user_exists == "1") {
// blah blah blah!
}
else {
$login_error = "<font face=Arial
size=2><b>Error:</b></font><br><font
face=Arial size=1><b>Wrong<Br>username/password</b></font>";
session_unregister('username');
session_unregister('password');
}
}
if ($login == "no") {
session_destroy();
session_unregister('username');
session_unregister('password');
header("Location: $PHP_SELF");
}
?>
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=10930&edit=1
