Jump to content

Recommended Posts

hello guys!!

 

I am new to php and currently working on some php tutorial for developing an e-commerce site. I came across a line of code:

$ME=$SCRIPT_NAME;

 

where $ME is a global variable. Then after, the script makes use of this variable many times to redirect to the same page shown in URL and set values for some other variables. The problem is:

i) the above code of line shows up error

ii)when using $_SERVER['SCRIPT_NAME'] or $_SERVER['PHP_SELF'] no error is displayed....but while clicking on the link that makes use of $ME variable an error "Access Forbidden " Error 403 is displayed in the browser.

 

Currently, i am using the xampp 1.7.1 that bundles apache and php 5.3. Should i fix sth. in php.ini or sth else? help

Link to comment
https://forums.phpfreaks.com/topic/184655-_serverscript_name-problem/
Share on other sites

The following is the script file app.php

<?php

 

/* turn on verbose error reporting (15) to see all warnings and errors */

error_reporting(E_ALL);

 

/* define a generic object */

class object {};

 

/* setup the configuration object */

$CFG = new object;

 

$CFG->dbhost = "localhost";

$CFG->dbname = "mymarket";

$CFG->dbuser = "myuser";

$CFG->dbpass = "mypassword";

 

$CFG->wwwroot    = "/mymarket";

$CFG->dirroot    = "D:xampp server/xampp/htdocs/mymarket";

$CFG->templatedir = "$CFG->dirroot/templates";

$CFG->libdir      = "$CFG->dirroot/lib";

$CFG->imagedir    = "$CFG->dirroot/images";

 

/* define database error handling behavior, since we are in development stages

* we will turn on all the debugging messages to help us troubleshoot */

 

$DB_DEBUG = true;

$DB_DIE_ON_FAIL = true;

 

/* load up standard libraries */

require("$CFG->libdir/stdlib.php");

require("$CFG->libdir/dblib.php");

 

/* setup some global variables */

//$ME = $_SERVER["SCRIPT_NAME"];

//$ME = $_SERVER['SCRIPT_NAME'];

$ME= $SCRIPT_NAME;

 

 

/* connect to the database */

db_connect($CFG->dbhost, $CFG->dbname, $CFG->dbuser, $CFG->dbpass);

 

/*mysql_connect("localhost","myuser","mypassword") or die("cannot connect to database");

mysql_select_db("mymarket"); */

?>

 

 

And then  i make use of this $ME variable in the following script:

 

<p class=normal>

<a href="<?php=$ME?>?mode=add">[+C] Add Category</a>

</p

firstly put your code in code/php tags. secondly this line

$ME= $SCRIPT_NAME;

 

I don't see where $SCRIPT_NAME is defined, unless its defined in one of your two requires.

 

When you saw that code, it probably relied in a setting in php.ini called register_globals set to one (basically it would take the global variables, like $_SERVER['SCRIPT_NAME']; and make variables with the same name as their index values)

 

I suggest you keep register_globals set to off, as it can be a security risk. You should just use the $_SERVER['SCRIPT_NAME'] variable

yeah....i actually set register_globals on and used the $SCRIPT_NAME directly.

But at your suggestion i have set register_globals in php.ini to off and  have omitted the use of

 

          $ME=$SCRIPT_NAME;

but i have used

 

          $ME=$_SERVER['SCRIPT_NAME'];

AND    $ME=$_SERVER['PHP_SELF'];

 

but the following error keeps on showing:

 

Access forbidden!

 

You don't have permission to access the requested object. It is either read-protected or not readable by the server.

 

If you think this is a server error, please contact the webmaster.

Error 403

Until you investigate (or provide us with information) what the URL actually is that is producing that error and determine what about it is incorrect about it, no one can help you. For all we know you don't have permission to access that URL.

 

The concept of the script here as u gurus have figured out is that when anyone clicks on the link 

          <a href="<?php=$ME?>?mode=add">[+C] Add Category</a>

 

the the value to a variable $mode should be passed add so that the following script should work:

 

          include("../application.php");

 

$DOC_TITLE = "MyMarket Category Management";

include("templates/header.php");

 

switch (nvl($mode)) {

case "add" :

print_add_category_form(nvl($id, 0));

break;

 

case "edit" :

print_edit_category_form($id);

break;

                          ..............and so on

 

Then after after invokes to functions nvl($mode), the switch should call the function

                    print_add_category_form(nvl($id, 0));

that contains the appropriate sql for adding data into mysql database.

 

 

But when clicking on the link the following is displayed in the URL

                            http://localhost/mymarket/admin/<?php=$ME?>?mode=add

and the error i mentioned earlier shows up.

 

 

 

To the best of my knowledge I have investigated and felt/realised (i might be wrong) that the value add is passed to the $mode and the problem is in the page redirection.

 

Should you guys need sufficient code info......its just only a few scripts......i have attached here....

 

 

 

 

[attachment deleted by admin]

But when clicking on the link the following is displayed in the URL

                            http://localhost/mymarket/admin/<?php=$ME?>?mode=add

 

Finally, some relevant information.  :examine: Too bad you did not tell us the name of the file where that is located so it could be found or just post the relevant code that is outputting that.

The script        <a href ........>...</a>            is in a php file called category_list.php.

And the script:

 

switch (nvl($mode)) {

case "add" :

print_add_category_form(nvl($id, 0));

break;

 

case "edit" :

print_edit_category_form($id);

break;

                        ............and so on....

 

is in a file called category.php. Both these files are inside a folder called admin.

And the pathname for admin folder is as follows:

D:\xampp server\xampp\htdocs\mymarket\admin

 

I am currently using windows and xampp that bundles  apache, php and mysql.

 

I am a bit confused what other details should i provide....can u be specific pls....

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.