php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #16027 decoding of GET-parameter %D0%27 fails
Submitted: 2002-03-12 18:28 UTC Modified: 2002-03-12 18:35 UTC
From: schmidt at bcc dot de Assigned:
Status: Not a bug Package: *General Issues
PHP Version: 4.1.2 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: schmidt at bcc dot de
New email:
PHP Version: OS:

 

 [2002-03-12 18:28 UTC] schmidt at bcc dot de 
After decoding a GET-request containing %D0%27 an extraneous \ is inserted between the two characters. This may easily reproduced by calling a PHP-page containing phpinfo(), calling it with ?request=%D027 ad taking a look at the "PHP Variables" section.

_GET["request"] ?\'?
_SERVER["REQUEST_METHOD"] GET?
_SERVER["QUERY_STRING"] request=%D0%27?
_SERVER["REQUEST_URI"] /bla.php?request=%D0%27

For your convenience I've added some more lines from the output:

_SERVER["SERVER_SOFTWARE"] Apache/1.3.23 (Unix) mod_ssl/2.8.7 OpenSSL/0.9.6b PHP/4.1.2?

Configure Command?'./configure' '--with-pgsql' '--with-apxs=/usr/local/apache/bin/apxs' '--with-xml' '--without-mysql' '--enable-sysvshm' '--enable-sysvsm' '--with-config-file-path=/usr/local/apache' '--enable-track-vars' '--enable-force-cgi-redirect' '--with-gettext' '--enable-inline-optimization'

I've seen the bug the first time with PHP 4.0.6,then checked against PHP 4.1.2.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-03-12 18:35 UTC] sniper@php.net 
Check your php.ini..you have 'magic_quotes_gpc=On' there. Turn it off and you won't see the slash.
Not a bug but expected behaviour.

--Jani
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Thu Nov 06 21:00:02 2025 UTC