php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #10049 Slashes passed thru a file upload
Submitted: 2001-03-29 03:55 UTC Modified: 2001-10-28 17:34 UTC
From: arnaud at cenet dot fr Assigned:
Status: Closed Package: Feature/Change Request
PHP Version: 4.0.4pl1 OS: Win98 / PWS 4.0
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: arnaud at cenet dot fr
New email:
PHP Version: OS:

 

 [2001-03-29 03:55 UTC] arnaud at cenet dot fr 
Maybe it's a not a bug but with Php 3.0.7 and PHP 4.0.2, when you upload a file, the file name is not stripslashed but in PHP4.0.4pl1, it is... That's confusing because I use a stripslashes function...
Example :

I upload "c:\windows\toto.txt" => PHP 3.0.8 and 4.0.2 : i get in the associated variable : "c:\\windows\\toto.txt" so I stripslash it... But in PHP 4.0.4pl1, i get "c:\windows\toto.txt" so when i stripslahs it, it can't find the file "c:windowstoto.txt"...
I found a workaround but it's boring...

That's all...

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-10-28 17:34 UTC] sniper@php.net 
This should be fixed in CVS now. You can try the latest 
development build from http://www.php4win.com/ but
make sure it's dated after 27th of October 2001.

Also, there are some minor leaks still in the new code.
If you encounter such leaks, please send the shortest
possible code + html with which you can reproduce the leak
to php-dev@lists.php.net (or me) so we can get rid of these leaks. 

This fix will be in PHP 4.2.0.

--Jani
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sun May 05 16:01:30 2024 UTC