PHP :: Bug #10372 :: php addslashes() the entire page

Bug #10372	php addslashes() the entire page
Submitted:	2001-04-18 02:49 UTC	Modified:	2002-06-18 18:27 UTC
From:	hiryuu at envisiongames dot net	Assigned:
Status:	Not a bug	Package:	Scripting Engine problem
PHP Version:	4.0.4	OS:	Apache 1.3.14 / Debian 2.2
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	hiryuu at envisiongames dot net
New email:
PHP Version:		OS:

New Comment:

[2001-04-18 02:49 UTC] hiryuu at envisiongames dot net

PHP will intermittently produce a page where all quotes 
are backslashed, such as:

<body bgcolor=\"000000\" text=\"ffffff\" link=\"ffffff\" 
vlink=\"ffffff\"
  alink=\"c0c0c0\" leftmargin=\"0\" topmargin=\"0\" 
marginwidth=\"0\"
  marginheight=\"0\">

<table width=\"100%\" height=\"100%\" border=\"0\" 
cellspacing=\"0\"
  cellpadding=\"0\">
<tr>

This particular page is produced using a template system, 
so it has passed through file(), join, spliti, 
str_replace, and echo.

The original data (in the file) contained no backslashes 
and all magic quotes-related options are off (at least, 
according to phpinfo).  The phpinfo output is not affected 
by this.

This is a vhosting server and one site (not this one) has 
magic_quotes_gpc and magic_quotes_runtime enabled in their 
.htaccess file.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2001-04-18 02:56 UTC] cynic@php.net

IIRC there was some odd interaction between session_start() and include(). Try upgrading to pl1 or higher (RC5 or current snapshot) and see if it persists.

[2001-05-16 00:59 UTC] sniper@php.net

no feedback, considered fixed.

--Jani

[2001-07-16 04:05 UTC] hiryuu at envisiongames dot net

This bug continues, but further tracking has traced it to file() addslashing the template file.  The issue is the same as described in bug #11042 (http://www.php.net/bugs.php?id=11042).

[2002-06-18 18:27 UTC] sniper@php.net

..and that one was bogused.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2026 The PHP Group All rights reserved.	Last updated: Sun Jan 25 16:00:01 2026 UTC