php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #38859 parse_url fails if passing '@' in passwd
Submitted: 2006-09-17 10:54 UTC Modified: 2006-09-28 15:16 UTC
From: schappy at mail dot ru Assigned: iliaa (profile)
Status: Closed Package: URL related
PHP Version: 4.4.4 OS: all
Private report: No CVE-ID: None
 [2006-09-17 10:54 UTC] schappy at mail dot ru
Description:
------------
If you specify a username/password containing a '@'-sign the parse_url will not decode the password correctly.

See example below.

While parsing the string, it should be used the last index of '@' to find the hostname instead of the first occurence.

Reproduce code:
---------------
<?php
$url = 'http://user:@pass@host/path?argument?value#etc';

print_r(parse_url($url));
?>

Array
(
    [scheme] => http
    [host] => pass@host
    [user] => user
    [path] => /path
    [query] => argument?value
    [fragment] => etc
)

Expected result:
----------------
<?php
$url = 'http://user:@pass@host/path?argument?value#etc';

print_r(parse_url($url));
?>

Array
(
    [scheme] => http
    [pass] => @pass
    [host] => host
    [user] => user
    [path] => /path
    [query] => argument?value
    [fragment] => etc
)


Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-09-17 11:20 UTC] tony2001@php.net
Ilia, please take a look at this patch:
http://tony2001.phpclub.net/dev/tmp/bug38859.diff
 [2006-09-28 15:16 UTC] iliaa@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Dec 30 14:01:28 2024 UTC