PHP: writing into $_SESSION with $$vars

Posted: Mon Oct 10, 2011 9:08 pm
by malachi
I have some data-injection code in place in an innocuous-looking block of code. Basically it's something along the lines of:

foreach ($_POST as $key => $value) {
    $$key = $value;
}
This is fine as is, as the key thing I need to overwrite is above this block in the code, but it would be awesome if I could also mess with the $_SESSION variable. Unfortunately, when I submit a POST with an element named something like "$_SESSION[uid]" it does indeed include my input in $_SESSION['uid'], but it clears the rest of it out, resulting in a $_SESSION variable that contains only the new field.

According to the PHP docs "variable variables cannot be used with PHP's Superglobal arrays within functions or class methods" -- however while $_SESSION is a superglobal, this code is not in a function or method, so it's not out of the question. Any PHP geeks know of a way around this?

Note: yes, obviously I could handle session values separately, but that would look mighty suspicious, and this code needs to pass visual inspection.
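
A reviewer-side check for the pattern in the post, as an added example that is not part of the original post: a heuristic Python scanner that flags variable-variable assignments named by request keys and, going beyond the post, `extract()` called on request data. The function name, the sample strings and the allowlisted variant are constructed for illustration.

```python
import re

# Superglobals whose keys are chosen by the HTTP client.
TAINTED = r"\$_(?:POST|GET|REQUEST|COOKIE)"
# foreach ($_POST as $key => $value): group 1 is the key variable's name.
FOREACH_RE = re.compile(
    r"(?i:foreach)\s*\(\s*" + TAINTED + r"\s+as\s+\$(\w+)\s*=>\s*\$\w+\s*\)")
# extract($_POST, ...) writes request keys into the symbol table the same way.
EXTRACT_RE = re.compile(r"\b(?i:extract)\s*\(\s*" + TAINTED)


def find_request_variable_variables(php_source):
    """Return (line_number, reason) pairs; heuristic, ignores strings/comments."""
    findings = []
    lines = php_source.splitlines()
    for i, line in enumerate(lines, 1):
        if EXTRACT_RE.search(line):
            findings.append((i, "extract() on request data"))
        m = FOREACH_RE.search(line)
        if not m:
            continue
        key = re.escape(m.group(1))
        # Assignment to $$key or ${$key}; (?!=) skips == comparisons.
        assign = re.compile(r"\$(?:\$%s|\{\s*\$%s\s*\})\s*=(?!=)" % (key, key))
        depth, opened = 0, False
        for j in range(i - 1, len(lines)):
            text = lines[j]
            if assign.search(text):
                findings.append((j + 1, "variable variable named by request key"))
            depth += text.count("{") - text.count("}")
            opened = opened or "{" in text
            # Stop at the end of the loop body (closing brace or braceless ';').
            if (opened and depth <= 0) or (not opened and ";" in text):
                break
    return findings


# The loop from the post, plus a constructed allowlist variant for comparison.
POSTED_LOOP = """foreach ($_POST as $key => $value) {
    $$key = $value;
}
"""
ALLOWLISTED = """$form = array();
foreach (array('name', 'email') as $field) {
    $form[$field] = isset($_POST[$field]) ? $_POST[$field] : null;
}
"""

if __name__ == "__main__":
    for name, src in (("posted", POSTED_LOOP), ("allowlisted", ALLOWLISTED)):
        print(name, find_request_variable_variables(src))
```

The brace counting is line-based, so a hit is a prompt for manual review of that loop rather than a verdict.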