Query_string in (PHP)-Script

Anonymous anonymous at easysw.com
Tue Jun 15 10:01:16 PDT 2004 

This is a addendum to str #744.

If i try to start a cgi-(php)-script with arguments, the cgi-environment-variable query_string is unassigned and no arguments given to the php-script.

Michael Sweet wrote:
Your URL is not encoded properly - variables are separated by & and not + (which expands to a space)

I changed the URL and the effect is the same - the environment-variable Query_String is unassigned.
The + - sign is in function pipe_comand() in client.c as separator for arguments documented:

 /*
  * Parse the string; arguments can be separated by + and are terminated
  * by ?...
  */

I think, the error is the use of commptr to assign the query_string - commptr is used to build the argv-array and is incremented from the begin of the options to the end.
I have tried to change client.c (CUPS 1.1.20 from SuSE-Linux 9.1) in many ways:

1.)  I have replaced the variable commptr with the variable options in function pipe_command to fill the Environment-Variable QUERY_STRING:

  if (con->operation == HTTP_GET)
  {
    envp[envc ++] = "REQUEST_METHOD=GET";

    if (*commptr)
    {
     /*
      * Add GET form variables after ?...
      */

      *options++ = '\0'; /* changed Kafka */

      snprintf(query_string, sizeof(query_string), "QUERY_STRING=%s", options); /* changed Kafka - commptr in options */
      envp[envc ++] = query_string;
    }
  }
  else
  {
    sprintf(content_length, "CONTENT_LENGTH=%d", con->bytes);
    snprintf(content_type, sizeof(content_type), "CONTENT_TYPE=%s",
             con->http.fields[HTTP_FIELD_CONTENT_TYPE]);

    envp[envc ++] = "REQUEST_METHOD=POST";
    envp[envc ++] = content_length;
    envp[envc ++] = content_type;
  }


Here is the result:

d [08/Jun/2004:10:52:44 +0200] AcceptClient(lis=0x808f418) 0 NumClients = 0
D [08/Jun/2004:10:52:44 +0200] AcceptClient: 8 from 10.69.1.90:631.
d [08/Jun/2004:10:52:44 +0200] AcceptClient: Adding fd 8 to InputSet...
d [08/Jun/2004:10:52:44 +0200] ReadClient() 8, used=0, file=-1
D [08/Jun/2004:10:52:44 +0200] ReadClient() 8 GET /cgi-bin/servervariables.php?op=TEST+name=ER10? HTTP/1.1
d [08/Jun/2004:10:52:44 +0200] decode_auth(0x401f8008): Authorization string = "Basic eXN5c2tsOmNvdHRhMDQ="
d [08/Jun/2004:10:52:44 +0200] decode_auth() 8 username="ysyskl"
d [08/Jun/2004:10:52:44 +0200] IsAuthorized: con->uri = "/cgi-bin/servervariables.php?op=TEST+name=ER10?"
d [08/Jun/2004:10:52:44 +0200] FindBest: uri = "/cgi-bin/servervariables.php?op=TEST+name=ER10?"...
d [08/Jun/2004:10:52:44 +0200] FindBest: Location / Limit 7f
d [08/Jun/2004:10:52:44 +0200] FindBest: Location /jobs Limit 7f
d [08/Jun/2004:10:52:44 +0200] FindBest: Location /admin Limit 7f
d [08/Jun/2004:10:52:44 +0200] FindBest: Location /cgi-bin Limit 7f
d [08/Jun/2004:10:52:44 +0200] FindBest: best = "/cgi-bin"
d [08/Jun/2004:10:52:44 +0200] IsAuthorized: auth = 0, satisfy=0...
d [08/Jun/2004:10:52:44 +0200] IsAuthorized: username = "ysyskl" password = 7 chars
d [08/Jun/2004:10:52:44 +0200] IsAuthorized: Checking "ysyskl", address = 0a45015a, hostname = "10.69.1.90"
d [08/Jun/2004:10:52:44 +0200] IsAuthorized: Checking group membership...
d [08/Jun/2004:10:52:44 +0200] get_file() 8 filename=/usr/share/doc/packages/cups//cgi-bin/servervariables.php size=1659
d [08/Jun/2004:10:52:44 +0200] IsCGI(con=0x401f8008, filename="/usr/share/doc/packages/cups//cgi-bin/servervariables.php", filestats=0xbfff29c0, type=application/x-httpd-php)
d [08/Jun/2004:10:52:44 +0200] IsCGI: Returning 1 with command="/usr/bin/php" and options="php /usr/share/doc/packages/cups//cgi-bin/servervariables.php op=TEST+name=ER10?"
d [08/Jun/2004:10:52:44 +0200] argv[0] = "php"
d [08/Jun/2004:10:52:44 +0200] argv[1] = "/usr/share/doc/packages/cups//cgi-bin/servervariables.php"
d [08/Jun/2004:10:52:44 +0200] argv[2] = "op=TEST"
d [08/Jun/2004:10:52:44 +0200] argv[3] = "name=ER10?"
d [08/Jun/2004:10:52:44 +0200] envp[0] = "PATH=/bin:/usr/bin"
d [08/Jun/2004:10:52:44 +0200] envp[1] = "SERVER_SOFTWARE=CUPS/1.1"
d [08/Jun/2004:10:52:44 +0200] envp[2] = "GATEWAY_INTERFACE=CGI/1.1"
d [08/Jun/2004:10:52:44 +0200] envp[3] = "SERVER_PROTOCOL=HTTP/1.1"
d [08/Jun/2004:10:52:44 +0200] envp[4] = "REDIRECT_STATUS=1"
d [08/Jun/2004:10:52:44 +0200] envp[5] = "CUPS_SERVER=localhost"
d [08/Jun/2004:10:52:44 +0200] envp[6] = "IPP_PORT=631"
d [08/Jun/2004:10:52:44 +0200] envp[7] = "SERVER_NAME=cupstest"
d [08/Jun/2004:10:52:44 +0200] envp[8] = "SERVER_PORT=631"
d [08/Jun/2004:10:52:44 +0200] envp[9] = "REMOTE_ADDR=10.69.1.90"
d [08/Jun/2004:10:52:44 +0200] envp[10] = "REMOTE_HOST=10.69.1.90"
d [08/Jun/2004:10:52:44 +0200] envp[11] = "REMOTE_USER=ysyskl"
d [08/Jun/2004:10:52:44 +0200] envp[12] = "LANG=de.UTF-8"
d [08/Jun/2004:10:52:44 +0200] envp[13] = ""
d [08/Jun/2004:10:52:44 +0200] envp[14] = "TMPDIR=/var/spool/cups/tmp"
d [08/Jun/2004:10:52:44 +0200] envp[15] = "CUPS_DATADIR=/usr/share/cups"
d [08/Jun/2004:10:52:44 +0200] envp[16] = "CUPS_SERVERROOT=/etc/cups"
d [08/Jun/2004:10:52:44 +0200] envp[17] = "HTTP_USER_AGENT=Mozilla/5.0 (Windows; U; Windows NT 5.1; de-DE; rv:1.4) Gecko/20030619 Netscape/7.1 (ax)"
d [08/Jun/2004:10:52:44 +0200] envp[18] = "SCRIPT_NAME=/cgi-bin/servervariables.php"
d [08/Jun/2004:10:52:44 +0200] envp[19] = "REQUEST_METHOD=GET"
d [08/Jun/2004:10:52:44 +0200] envp[20] = "QUERY_STRING=hp /usr/share/doc/packages/cups//cgi-bin/servervariables.php op=TEST+name=ER10?"

2.) I use the uriptr - uriptr is also used to build the variable script_name. I think - this is the correct way:

  snprintf(script_name, sizeof(script_name), "SCRIPT_NAME=%s", con->uri);
  if ((uriptr = strchr(script_name, '?')) != NULL)
    *uriptr = '\0';
  envp[envc ++] = script_name;

  if (con->operation == HTTP_GET)
  {
    envp[envc ++] = "REQUEST_METHOD=GET";

    if (*commptr)
    {
     /*
      * Add GET form variables after ?...
      */

      /* *commptr++ = '\0';  Kafka */
      uriptr ++; /* Kafka */
      snprintf(query_string, sizeof(query_string), "QUERY_STRING=%s", uriptr); /* Kafka */
      envp[envc ++] = query_string;
    }
  }
  else

Here the results:

D [14/Jun/2004:13:23:10 +0200] AcceptClient: 8 from 10.69.1.90:631.
d [14/Jun/2004:13:23:10 +0200] AcceptClient: Adding fd 8 to InputSet...
d [14/Jun/2004:13:23:10 +0200] ReadClient() 8, used=0, file=-1
D [14/Jun/2004:13:23:10 +0200] ReadClient() 8 GET /cgi-bin/servervariables.php?op=TEST+name=ER10? HTTP/1.1
d [14/Jun/2004:13:23:10 +0200] decode_auth(0x401f8008): Authorization string = "Basic eXN5c2tsOmNvdHRhMDQ="
d [14/Jun/2004:13:23:10 +0200] decode_auth() 8 username="ysyskl"
d [14/Jun/2004:13:23:10 +0200] IsAuthorized: con->uri = "/cgi-bin/servervariables.php?op=TEST+name=ER10?"
d [14/Jun/2004:13:23:10 +0200] FindBest: uri = "/cgi-bin/servervariables.php?op=TEST+name=ER10?"...
d [14/Jun/2004:13:23:10 +0200] FindBest: Location / Limit 7f
d [14/Jun/2004:13:23:10 +0200] FindBest: Location /jobs Limit 7f
d [14/Jun/2004:13:23:10 +0200] FindBest: Location /admin Limit 7f
d [14/Jun/2004:13:23:10 +0200] FindBest: Location /cgi-bin Limit 7f
d [14/Jun/2004:13:23:10 +0200] FindBest: best = "/cgi-bin"
d [14/Jun/2004:13:23:10 +0200] IsAuthorized: auth = 0, satisfy=0...
d [14/Jun/2004:13:23:10 +0200] IsAuthorized: username = "ysyskl" password = 7 chars
d [14/Jun/2004:13:23:10 +0200] IsAuthorized: Checking "ysyskl", address = 0a45015a, hostname = "10.69.1.90"
d [14/Jun/2004:13:23:10 +0200] IsAuthorized: Checking group membership...
d [14/Jun/2004:13:23:10 +0200] get_file() 8 filename=/usr/share/doc/packages/cups//cgi-bin/servervariables.php size=3195
d [14/Jun/2004:13:23:10 +0200] IsCGI(con=0x401f8008, filename="/usr/share/doc/packages/cups//cgi-bin/servervariables.php", filestats=0xbfff29c0, type=application/x-httpd-php)
d [14/Jun/2004:13:23:10 +0200] IsCGI: Returning 1 with command="/usr/bin/php" and options="php /usr/share/doc/packages/cups//cgi-bin/servervariables.php op=TEST+name=ER10?"
d [14/Jun/2004:13:23:10 +0200] argv[0] = "php"
d [14/Jun/2004:13:23:10 +0200] argv[1] = "/usr/share/doc/packages/cups//cgi-bin/servervariables.php"
d [14/Jun/2004:13:23:10 +0200] argv[2] = "op=TEST"
d [14/Jun/2004:13:23:10 +0200] argv[3] = "name=ER10?"
d [14/Jun/2004:13:23:10 +0200] envp[0] = "PATH=/bin:/usr/bin"
d [14/Jun/2004:13:23:10 +0200] envp[1] = "SERVER_SOFTWARE=CUPS/1.1"
d [14/Jun/2004:13:23:10 +0200] envp[2] = "GATEWAY_INTERFACE=CGI/1.1"
d [14/Jun/2004:13:23:10 +0200] envp[3] = "SERVER_PROTOCOL=HTTP/1.1"
d [14/Jun/2004:13:23:10 +0200] envp[4] = "REDIRECT_STATUS=1"
d [14/Jun/2004:13:23:10 +0200] envp[5] = "CUPS_SERVER=localhost"
d [14/Jun/2004:13:23:10 +0200] envp[6] = "IPP_PORT=631"
d [14/Jun/2004:13:23:10 +0200] envp[7] = "SERVER_NAME=cupstest"
d [14/Jun/2004:13:23:10 +0200] envp[8] = "SERVER_PORT=631"
d [14/Jun/2004:13:23:10 +0200] envp[9] = "REMOTE_ADDR=10.69.1.90"
d [14/Jun/2004:13:23:10 +0200] envp[10] = "REMOTE_HOST=10.69.1.90"
d [14/Jun/2004:13:23:10 +0200] envp[11] = "REMOTE_USER=ysyskl"
d [14/Jun/2004:13:23:10 +0200] envp[12] = "LANG=de.UTF-8"
d [14/Jun/2004:13:23:10 +0200] envp[13] = ""
d [14/Jun/2004:13:23:10 +0200] envp[14] = "TMPDIR=/var/spool/cups/tmp"
d [14/Jun/2004:13:23:10 +0200] envp[15] = "CUPS_DATADIR=/usr/share/cups"
d [14/Jun/2004:13:23:10 +0200] envp[16] = "CUPS_SERVERROOT=/etc/cups"
d [14/Jun/2004:13:23:10 +0200] envp[17] = "HTTP_USER_AGENT=Mozilla/5.0 (Windows; U; Windows NT 5.1; de-DE; rv:1.4) Gecko/20030619 Netscape/7.1 (ax)"
d [14/Jun/2004:13:23:10 +0200] envp[18] = "SCRIPT_NAME=/cgi-bin/servervariables.php"
d [14/Jun/2004:13:23:10 +0200] envp[19] = "REQUEST_METHOD=GET"
d [14/Jun/2004:13:23:10 +0200] envp[20] = "QUERY_STRING=op=TEST+name=ER10?"
d [14/Jun/2004:13:23:10 +0200] AddCert: adding certificate for pid 10426
D [14/Jun/2004:13:23:10 +0200] CGI /usr/bin/php started - PID = 10426
I [14/Jun/2004:13:23:10 +0200] Started "/usr/bin/php" (pid=10426)
D [14/Jun/2004:13:23:10 +0200] SendCommand: 8 file=12
d [14/Jun/2004:13:23:10 +0200] SendCommand: Adding fd 12 to InputSet...
d [14/Jun/2004:13:23:10 +0200] SendCommand: Adding fd 8 to OutputSet...
d [14/Jun/2004:13:23:11 +0200] WriteClient: 8 X-Powered-By: PHP/4.2.2
d [14/Jun/2004:13:23:11 +0200] WriteClient: 8 Content-type: text/html
d [14/Jun/2004:13:23:11 +0200] WriteClient: 8
d [14/Jun/2004:13:23:11 +0200] WriteClient: 8 1996 bytes
d [14/Jun/2004:13:23:11 +0200] WriteClient: 8 1911 bytes
E [14/Jun/2004:13:23:11 +0200] PID 10426 stopped with status 255!
d [14/Jun/2004:13:23:11 +0200] DeleteCert: removing certificate for pid 10426
d [14/Jun/2004:13:23:11 +0200] WriteClient: Removing fd 8 from OutputSet...
d [14/Jun/2004:13:23:11 +0200] WriteClient: Removing fd 12 from InputSet...
d [14/Jun/2004:13:23:11 +0200] WriteClient: 8 Closing data file 12.


I have tried to use the uri with and without the ?-terminator - only ?-terminated uri-strings can fill the query-string-variable and the arguments.


Regards
Lutz Kafka

More information about the cups-devel mailing list