PHP :: Bug #36703 :: Can't include a literal plus sign in a character class

Bug #36703

Can't include a literal plus sign in a character class

Submitted:

2006-03-12 09:01 UTC

Modified:

2006-03-20 01:00 UTC

Votes:	4
Avg. Score:	4.0 ± 1.0
Reproduced:	4 of 4 (100.0%)
Same Version:	4 (100.0%)
Same OS:	3 (75.0%)

From:

5jpck6k02 at sneakemail dot com

Assigned:

Status:

No Feedback

Package:

PCRE related

PHP Version:

5.1.2

OS:

Linux

Private report:

CVE-ID:

None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	5jpck6k02 at sneakemail dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2006-03-12 09:01 UTC] 5jpck6k02 at sneakemail dot com

Description:
------------
A simple regular expression that has worked for years in PHP 4 
suddenly fails under PHP 5. 

Reproduce code:
---------------
foreach($_GET as $val)
	{
		if ( preg_match("/[^a-z0-9_\-\+]/i", $val) )
		{			
			die("<p>Invalid request.</p>");
		}
	}

Expected result:
----------------
The above code is used to filter out bogus GET requests 
containing potential XSS attacks at the top of a script. It 
should allow all legitimate requests comprised of alphanumeric 
characters, underscores, and plus and minus signs, through, 
while kicking anything containing a character not included in 
the character class out,

Actual result:
--------------
The regex matches plus signs contained in query strings even 
though the plus sign is explicitly included in the negated 
character class. I believe it is being interpreted as a 
quantifier when it is meant to be taken literally, I have not 
been able to find any means of successfully including a 
literal plus sign in a character class under PHP 5 to date.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2006-03-12 09:13 UTC] tony2001@php.net

Not enough information was provided for us to be able
to handle this bug. Please re-read the instructions at
http://bugs.php.net/how-to-report.php

If you can provide more information, feel free to add it
to this bug and change the status back to "Open".

Thank you for your interest in PHP.


3 fields in the form: the reproduce code, the expected result and the actual result are not just for fun. 
Please fill them with the appropriate information: the code, the result you expect to get and the result you actually get.

[2006-03-20 01:00 UTC] php-bugs at lists dot php dot net

No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Thu Nov 06 22:00:01 2025 UTC