PHP :: Bug #33200 :: magic_quotes_sybase switched on breaks the use of /e modifier in preg

Bug #33200	magic_quotes_sybase switched on breaks the use of /e modifier in preg_replace
Submitted:	2005-05-31 12:36 UTC	Modified:	2005-05-31 14:56 UTC
From:	astax_t at gorodok dot net	Assigned:	sniper (profile)
Status:	Closed	Package:	PCRE related
PHP Version:	5., 4.	OS:	*
Private report:	No	CVE-ID:	None

View Developer Edit

[2005-05-31 12:36 UTC] astax_t at gorodok dot net

Description:
------------
When magic_quotes_sybase is On, this also affects how apostrophes are escaped in preg_replace with /e modifier. See example.

In example code I specifically included a string with $ inside to point why it's impossible to use double quotes around \\1 in second parameter.

Reproduce code:
---------------
$str = 'some \'$sample\' text';

$str = preg_replace("/(some.*text)/e", "strtoupper('\\1')", $str);

echo $str;

Expected result:
----------------
SOME '$SAMPLE' TEXT

Actual result:
--------------
Parse error: parse error in E:\test\web\a.php(4) : regexp code on line 1

Fatal error: preg_replace(): Failed evaluating code: strtoupper('some ''$sample'' text') in E:\test\web\a.php on line 4

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-05-31 12:43 UTC] sniper@php.net

RTFM:

"If magic_quotes_sybase  is also on, a single-quote is escaped with a single-quote instead of a backslash."

[2005-05-31 12:49 UTC] astax_t at gorodok dot net

I know how magic_quotes_sybase works, but I state that it should NOT affect /e modifier in regular expressions. The same as magic_quotes_gpc and magic_quotes_runtime doesn't affect this.

[2005-05-31 12:53 UTC] astax_t at gorodok dot net

And additionally, it makes impossible to use preg_replace with /e modifier in certain situations. When subject string comes from external source and so can contain some variables, like in my example.

I still insist that it's a bug.

Thank you.

[2005-05-31 14:13 UTC] sniper@php.net

I stand corrected, fix coming up..

[2005-05-31 14:56 UTC] sniper@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Fri Nov 07 22:00:01 2025 UTC