Explain: php_self or $_SERVER[‘PHP_SELF’] Usage

Can you explain usage of predefined variables called $_SERVER[‘PHP_SELF’]?

PHP programming language provides a lots of predefined variables. Your php script can access a large number of such predefined variables.

ADVERTISEMENTS

$_SERVER array

$_SERVER is an array defined in PHP and it stores information about your server and execution environment information.

$_SERVER[‘PHP_SELF’] variable

This array element points out the filename of the currently executing script. For example, if you run www.cyberciti.biz/index.php, $_SERVER[‘PHP_SELF’] would be /index.php. This is relative to the document root. This is useful to referring HTML forms and other element.

....
<div class="forumform">
<form action="' . $_SERVER[PHP_SELF]. '" method="post" onSubmit="return checkForm()" name="pforum">
....
🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
CategoryList of Unix and Linux commands
File Managementcat
FirewallCentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network Utilitiesdig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNCentOS 8 Debian 10 Firewall Ubuntu 20.04

ADVERTISEMENTS
4 comments… add one
  • Eugene Mar 19, 2009 @ 10:34

    There is also a magic php constant __FILE__ .

    The php.net documentation goes like this:
    The full path and filename of the file. If used inside an include, the name of the included file is returned. Since PHP 4.0.2, __FILE__ always contains an absolute path with symlinks resolved whereas in older versions it contained relative path under some circumstances.

  • Manko10 Mar 19, 2009 @ 18:22

    Be careful!
    $_SERVER[‘PHP_SELF’] contains not only the path to the current PHP script, it also contains the PATH_INFO ($_SERVER[‘PATH_INFO’]). This is something very useful which allows you to attach further information to a file. For example MediaWiki uses it in this way: index.php/Article_Name whereas /Article_Name is the PATH_INFO.
    The downside is that this is a possible security vulnerability (XSS, CSRF etc.). To get the raw script name without any PATH_INFO you have to use $_SERVER[‘SCRIPT_NAME’].

  • yibss Jun 20, 2013 @ 7:49

    thank you.

  • Gustavo Jul 30, 2013 @ 16:25

    I saw your form line..and I think there is a problem with that…The proper way to use it will be:

    <form action="” method=”post” onsubmit=”return formCheck(this)”; name=”pforum”>

    Thank you.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre>, <code>...</code> and <kbd>...</kbd> for code samples.