PHP :: Bug #12158 :: EVAL code not working correctly if IF block

Bug #12158	EVAL code not working correctly if IF block
Submitted:	2001-07-13 20:58 UTC	Modified:	2001-07-17 11:53 UTC
From:	craig at nerds dot net	Assigned:
Status:	Closed	Package:	Strings related
PHP Version:	4.0.6	OS:	Win2K
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	craig at nerds dot net
New email:
PHP Version:		OS:

New/Additional Comment:

[2001-07-13 20:58 UTC] craig at nerds dot net

<?php

$extensions=array(".htm",".asp");

$x="";
$numargs=count($extensions);
for ($i=0;$i<=$numargs-1;$i++){	
	$x=$x."strstr(\$filename,\"".$extensions[$i]."\")";
	if ($numargs>0 && $i!=$numargs-1){
		$x=$x." || ";
	}		
}
$validExtensions=$x;
echo $validExtensions;

		
$handle=opendir('.');

while (($filename = readdir($handle))!==false) {
if (is_file($filename)){
	$fd = fopen ($filename, "rb");
	$contents = fread ($fd, filesize ($filename));

		if (eval($validExtensions)){
				echo $filename."<br>";
		}

	fclose ($fd);
}

      

}
closedir($handle); 






?>

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2001-07-17 11:53 UTC] stas@php.net

The code you get is:

strstr($filename,".htm") || strstr($filename,".asp")

this is not a valid code block for eval. If you add "return " before it and ";" after it, it should work then.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sun Dec 22 11:01:30 2024 UTC