Jürgen Wind wrote: >> I have not really followed this discussion, but when i see something like > this: >> "$_SERVER['SCRIPT_NAME'] will contain the full _filesystem_ path, >> which is not what we're after." >> >> Can you just do a 1 line regex and pull out what you need? And you are all > set. >> :-) ed > > no need for regex here, a simple basename($_SERVER['SCRIPT_NAME']) will do > Happy New Year!
As I outlined earlier in this thread, this will _not_ work if php is running as a cgi, you'll get 'php4-cgi' instead of 'myfilename.php' unless you have cgi.fix_pathinfo set to 1 (default is 0). Your previous comment regarding the fact that __FILE__ will give the name of the file it is placed in rather than the requested file is perfectly valid and worth keeping in mind. I'm starting to wonder whether the construct <form action="?" method="post"> might be a simple secure way of getting around the requirement of having something in the action field. That doesn't help with the problem of correctly and securely generating the root-relative URL of a script however. Dan _______________________________________________ New York PHP Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
