Friday, June 8, 2012

What would cause PHP variables to be rewritten by the server?

I was given a VM at my company to install web software on. But I came across a rather bizarre issue where PHP variables would be overwritten (rewritten) by the server if they matched a specific pattern. What could rewrite PHP variables like this?

The following is as an entire standalone script.

$foo = '';
echo $foo; // ''

$bar = '';
echo $bar; // ''

$var = '';
echo $var; // '' (not overwritten because it didn't match whatever RegEx has been set)

Essentially any variable which contains a subdomain and matches on the domain name would be rewritten. This isn't something mod_rewrite would be able to touch, so it has to be something at the server level that is parsing out PHP and rewriting a string if it matches a RegEx.

Source: Tips4all

1 comment:

  1. Output overwriting is possible within Apache by using mod_perl: PerlOutputFilterHandler.

    The following could be added to an apache.conf to set the output filter:

    <FilesMatch "\.(html?|php|xml|css)$">
    PerlSetVar Filter On
    PerlHandler MyApache2::FilterDomain
    PerlOutputFilterHandler MyApache2::FilterDomain

    Example filter handler code:

    package MyApache2::FilterDomain;

    use strict;
    use warnings;

    use Apache2::Filter();
    use Apache2::RequestRec();
    use APR::Table();

    use Apache2::Const -compile => qw(OK);

    use constant BUFF_LEN => 1024;

    sub handler {
    my $f = shift;
    my @hostname = split(/\./, $f->r->hostname);
    my $new_hostname = $hostname[0].".".$hostname[1];

    unless ($f->ctx) {

    while ($f->read(my $buffer, BUFF_LEN)) {
    $buffer =~ s/([a-z0-9]+)+\.domain\./$new_hostname\.$1.domain\./g;

    return Apache2::Const::OK;

    More on Apache mod_perl filters can be found here: mod_perl: Input and Output Filters