I have a fresh php 5.2.6 install on Apache 2 under CentOS 5.3. After receiving complaints from some users that they were unable to submit their abstracts on our proposal submission website, I was able to isolate the problem to this minimal and extremely simple example:
<html>
<head>
</head>
<body>
<form name="submitform" action="" method="post">
<textarea name="mytextarea"></textarea>
<input type="submit" value="Submit"/>
</form>
</body>
</html>
<head>
</head>
<body>
<form name="submitform" action="" method="post">
<textarea name="mytextarea"></textarea>
<input type="submit" value="Submit"/>
</form>
</body>
</html>
The phantomurl.php doesn't exist because its irrelevant to the example. The above code works fine and leads to a 404 error when anything is entered in the textbox, except when you enter "system(" or "system (". In this case, the browser simply chugs along and eventually times out on the request (no matter how high the timeout is set in php.ini). I have confirmed this problem with another server with php 5.1.6 which Centos 5.3 officially supports. If I change phantomurl.php to phantomurl.txt, then again it works (although after a bit of delay) and shows me a 404 again.
Can someone confirm if they're having the same issue? I'm not sure if apache or php is the culprit here, maybe trying to parse the input for security reasons? I initially thought SELinux was causing the issue, but disabling it doesn't solve it either.
Thanks for your help!
- Follow-Ups:
- Re: "system (" in any textarea hangs php/apache ?
- From: Ryan Schmidt
- Re: "system (" in any textarea hangs php/apache ?
- Prev by Date: RE: [PHP-WEBMASTER] problem!!
- Next by Date: Re: "system (" in any textarea hangs php/apache ?
- Previous by thread: Re: [PHP-WEBMASTER] problem!!
- Next by thread: Re: "system (" in any textarea hangs php/apache ?
- Index(es):
 |