subject:"\[PHP\] Reading the content."

[PHP] Reading the content.

2001-07-11 Thread Gustavo Carreno


Hi tere,

Imagine that someone does the following post:

---8-
POST /bla.php HTTP/1.0
host: bla.com
content-type: text/xml
content-length: ##

?xml blabla?
bla
/bla
---8-

With what function, variable, server variable or whatever do I have access
to that XML?
I'm not concerned with the parsing, that is quite simple, I'm concerned with
the access to
that content!!!

Gustavo Carreno





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] Reading the content.

2001-07-11 Thread Chris Lambert - WhiteCrown Networks


As far as I know, you don't. :-(

/* Chris Lambert, CTO - [EMAIL PROTECTED]
WhiteCrown Networks - More Than White Hats
Web Application Security - www.whitecrown.net
*/

- Original Message -
From: Gustavo Carreno [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, July 11, 2001 6:54 AM
Subject: [PHP] Reading the content.


| Hi tere,
|
| Imagine that someone does the following post:
|
| ---8-
| POST /bla.php HTTP/1.0
| host: bla.com
| content-type: text/xml
| content-length: ##
|
| ?xml blabla?
| bla
| /bla
| ---8-
|
| With what function, variable, server variable or whatever do I have access
| to that XML?
| I'm not concerned with the parsing, that is quite simple, I'm concerned
with
| the access to
| that content!!!
|
| Gustavo Carreno
|
|
|
|
|
| --
| PHP General Mailing List (http://www.php.net/)
| To unsubscribe, e-mail: [EMAIL PROTECTED]
| For additional commands, e-mail: [EMAIL PROTECTED]
| To contact the list administrators, e-mail: [EMAIL PROTECTED]
|
|
|


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] Reading the content.

2001-07-11 Thread Gustavo Carreno


Chris Lambert - Whitecrown Networks [EMAIL PROTECTED] wrote in
message 000b01c109fc$1857cb60$6401a8c0@server">news:000b01c109fc$1857cb60$6401a8c0@server...
 As far as I know, you don't. :-(

  And as far as you know, you are wrong :))
  If there is no variables on the post the whole content of the post is held
on $HTTP_RAW_POST_DATA

Gustavo Carreno




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

RE: [PHP] Reading the content.

2001-07-11 Thread Bruin, Bolke de


To my knowledge you *only* get $HTTP_POST_RAW_DATA when the content-type is
unknown.
Not if there are nor vars in the POST (which is possible as empty vars are
not being send)

Bolke

-Oorspronkelijk bericht-
Van: Gustavo Carreno [mailto:[EMAIL PROTECTED]]
Verzonden: Wednesday, July 11, 2001 4:23 PM
Aan: [EMAIL PROTECTED]
Onderwerp: Re: [PHP] Reading the content.


Chris Lambert - Whitecrown Networks [EMAIL PROTECTED] wrote in
message 000b01c109fc$1857cb60$6401a8c0@server">news:000b01c109fc$1857cb60$6401a8c0@server...
 As far as I know, you don't. :-(

  And as far as you know, you are wrong :))
  If there is no variables on the post the whole content of the post is held
on $HTTP_RAW_POST_DATA

Gustavo Carreno




-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] Reading the content.

2001-07-11 Thread Chris Lambert - WhiteCrown Networks


Are you sure? I tested posting to a script which simply did a
print_r($GLOBAL), and didn't see the posted data listed.

/* Chris Lambert, CTO - [EMAIL PROTECTED]
WhiteCrown Networks - More Than White Hats
Web Application Security - www.whitecrown.net
*/

- Original Message -
From: Gustavo Carreno [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, July 11, 2001 10:22 AM
Subject: Re: [PHP] Reading the content.


| Chris Lambert - Whitecrown Networks [EMAIL PROTECTED] wrote in
| message 000b01c109fc$1857cb60$6401a8c0@server">news:000b01c109fc$1857cb60$6401a8c0@server...
|  As far as I know, you don't. :-(
|
|   And as far as you know, you are wrong :))
|   If there is no variables on the post the whole content of the post is
held
| on $HTTP_RAW_POST_DATA
|
| Gustavo Carreno
|
|
|
|
| --
| PHP General Mailing List (http://www.php.net/)
| To unsubscribe, e-mail: [EMAIL PROTECTED]
| For additional commands, e-mail: [EMAIL PROTECTED]
| To contact the list administrators, e-mail: [EMAIL PROTECTED]
|
|
|


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] Reading the content.

2001-07-11 Thread Gustavo Carreno


 Are you sure? I tested posting to a script which simply did a
 print_r($GLOBAL), and didn't see the posted data listed.

Yeaps, if the content-type is known the $HTTP_RAW_POST_DATA is empty
and does not show on the $GLOBALS.

Try this C program in Linux and you'll get surprised:

-- httppost.c --
#include unistd.h
#include string.h
#include sys/types.h
#include sys/socket.h
#include netinet/in.h
#include errno.h

int
main(void)
{
  int sockfd, connfd, error;
  socklen_t len;
  struct sockaddr_in sa, csa;
  char line[1025];

  if ((sockfd=socket(AF_INET, SOCK_STREAM, 0))0)
  {
printf(error in socket()\n);
exit(1);
  }
  bzero(sa, sizeof(sa));
  sa.sin_family=AF_INET;
  if (inet_aton(194.79.65.203,sa.sin_addr)0)
  {
printf(error on inet_aton\n);
exit(1);
  }
  sa.sin_port=htons(80);

  if (connect(sockfd, sa, sizeof(sa))0)
  {
printf(error on connect\n);
exit(1);
  }

  sprintf(line,POST /dl_bulk.php HTTP/1.0\r\n);
  printf(Sending: %s,line);
  write(sockfd, line, strlen(line));

  sprintf(line,Host: test.datascan.c3im.pt\r\n);
  printf(Sending: %s,line);
  write(sockfd, line, strlen(line));

  sprintf(line,Content-type: text/xml\r\n);
  printf(Sending: %s,line);
  write(sockfd, line, strlen(line));

  sprintf(line,Content-length: 38\r\n\r\n);
  printf(Sending: %s,line);
  write(sockfd, line, strlen(line));

  sprintf(line,?xml version=\1.0\?\r\nbla\r\n/bla\r\n);
  printf(Sending: %s,line);
  write(sockfd, line, strlen(line));

  printf(Reading:\n);
  while(read(sockfd, line, 2048))
  {
line[strlen(line)+1]=0;
printf(%s,line);
  }

  close(sockfd);
}

-- httppost.c --

and this is the dl_bulk.php contents:
-- dl_bulk.php 
?
header(Content-type: text/xml);
print($HTTP_RAW_POST_DATA);
?
-- dl_bulk.php 



-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

[PHP] Reading the content.

Re: [PHP] Reading the content.

Re: [PHP] Reading the content.

RE: [PHP] Reading the content.

Re: [PHP] Reading the content.

Re: [PHP] Reading the content.

6 matches

Site Navigation

Mail list logo

Footer information