The information returned by get_current_user() seems to depend on the platform.
Using PHP 5.1.1 running as CGI with IIS 5.0 on Windows NT, get_current_user() returns the owner of the process running the script, *not* the owner of the script itself.
It's easy to test - create a file containing:
<?
echo get_current_user();
?>
Then access it through the browser. I get: IUSR_MACHINE, the Internet Guest Account on Windows, which is certainly not the owner of the script.
get_current_user
(PHP 4, PHP 5)
get_current_user — 現在の PHP スクリプトの所有者の名前を取得する
説明
string get_current_user
( void
)
現在の PHP スクリプトの所有者の名前を返します。
返り値
ユーザ名を表す文字列。
get_current_user
s dot bond1 at lse dot ac dot uk
10-May-2007 09:17
10-May-2007 09:17
tmacedo at linux dot ime dot usp br
22-Nov-2006 04:46
22-Nov-2006 04:46
<?php
/**
* addendum to 'SiliconExpress at Techie dot com' post:
* at Win32 enviroment, you have:
**/
var_dump(strcmp($_SERVER['SCRIPT_FILENAME'], __FILE__));
// output: int(0)
/**
* but you can use, instead:
**/
var_dump(strcmp(realpath($_SERVER['SCRIPT_FILENAME']), __FILE__));
// output: int(-1)
?>
justin samuel
09-Oct-2005 03:45
09-Oct-2005 03:45
to get the username of the process owner (rather than the file owner), you can use:
<?php
$processUser = posix_getpwuid(posix_geteuid());
print $processUser['name'];
?>
justin samuel
09-Oct-2005 03:25
09-Oct-2005 03:25
with 4.3.11 (and i assume all other versions):
get_current_user() does *not* get the name of the user the script is running as, as stated in the comment below. instead, it "gets the name of the owner of the current PHP script" (as stated in the description above) --- that is, the owner of the file, not the owner of the process.
if the script file is owned by root but php scripts are being being run as apache (for example, you're using mod_php because you don't mind your shared hosting environment being insecure), when you request your script through the webserver, get_current_user() will return "root". that does not mean your script is running as root.
joho at pop3 dot nu
06-Oct-2005 09:43
06-Oct-2005 09:43
get_current_user () returns the owner of the process running the script. In most cases, this will be the web server user ("nobody", "httpd", "apache", etc).
SiliconExpress at Techie dot com
20-Jun-2005 11:34
20-Jun-2005 11:34
The 'constant' __FILE__ works easier ...
Example :
echo __FILE__;
Returns - '/home/username/public_html/filename.php'
This works INSIDE includes!!! It saved me a bunch of problems.. If I want to make sure somebody does not load a file directly this is supposed be be an include this is the code I use... Hope it helps you as much as it does me! :)
//If user tries to load page directly the redirect to the home page
if ($_SERVER['SCRIPT_FILENAME'] == __FILE__) {
header("HTTP/1.1 301 Moved Permanently");
header("Location: /");
echo "DO NOT TRY TO ACCESS THIS FILE DIRECTLY\r\n";
exit;}
comicforum at lelon dot net
23-Apr-2005 06:51
23-Apr-2005 06:51
Under windows, this function does not work the same in Apache as it does in IIS. If you want the user name in apache, you have to use...
getenv("REMOTE_USER");