Modifying request_uri using mod_rewrite
This is a modified version of my forum post, somewhere. This isn't actually a bug, more some sort of logical error, which allows you to bypass certain restrictions. I have to add that you might never even encounter this!
Apache has an extension called mod_rewrite. This extension allows webmasters to 'rewrite' their URLs to a more user-friendly version; for example, ?strangevar=weirddata would become /vars/data.html.
PHP has a predefined variable that is set directly from the URL: $_SERVER['REQUEST_URI']. This variable has a lot of different uses, but the one I am going to talk about is the case where it is used to prevent direct access to certain files. This is a commonly used method to block all kinds of exploits.
A (bad) example is this:
<?php
if (preg_match("/testing\.php/", $_SERVER['REQUEST_URI']))
{
    die("Don't do that.");
}
print "Passed the test.";
?>
This would prevent people from accessing the file when it is not included in another one. The problem appears when there is a .htaccess file in the same directory using this mod_rewrite configuration:
RewriteEngine on
RewriteRule ^([^/\.]+)\.html?$ $1\.php [L]
Thanks to this configuration, you can access testing.php simply under the URL testing.html. The value of REQUEST_URI depends directly on the mod_rewrite settings: the request is for testing.html, so REQUEST_URI never contains testing.php, the check does not match, and unexpected data is passed to the PHP script. Yes, this is extremely limited and might never be found in any live application; I didn't check any applications for it.
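A guard that does not depend on the URL at all avoids this problem. The following is an added example, not code from the original post: the function names uri_guard_blocks and executed_directly are hypothetical, and the sample REQUEST_URI values are constructed.

```php
<?php
// Added example, not code from the original post.

// The post's check as a function: it only inspects the URL text.
function uri_guard_blocks(string $requestUri): bool
{
    return preg_match('/testing\.php/', $requestUri) === 1;
}

// URL-independent check. get_included_files() lists the script PHP was asked
// to execute first, followed by every file pulled in with include/require,
// so comparing that first entry with the guarded file ignores REQUEST_URI.
function executed_directly(string $guardedFile): bool
{
    $entry = get_included_files()[0] ?? '';
    return $entry !== '' && realpath($entry) === realpath($guardedFile);
}

// Constructed REQUEST_URI values for requests that end up running testing.php.
$samples = [
    '/testing.php'  => 'direct request',
    '/testing.html' => 'same file through the RewriteRule',
];
foreach ($samples as $uri => $label) {
    printf("%-14s %-34s uri guard blocks: %s\n", $uri, $label,
        uri_guard_blocks($uri) ? 'yes' : 'no');
}

// Placed at the top of testing.php, this guard stops both requests above,
// while include 'testing.php' from another script still passes.
if (executed_directly(__FILE__)) {
    http_response_code(403);
    die("Don't do that.\n");
}
print "Passed the test.\n";
```

Run directly, the script reports how the URL-based check treats each sample and then refuses to continue, because the file itself is the entry script.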
