PHP :: Bug #18322 :: Can't add words with "'" in my PEAR account userinfo

Bug #18322	Can't add words with "'" in my PEAR account userinfo
Submitted:	2002-07-12 19:39 UTC	Modified:	2002-07-13 04:24 UTC
From:	floripa@php.net	Assigned:
Status:	Closed	Package:	PEAR related
PHP Version:	4.2.1	OS:	FreeBSD 4.6-STABLE
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	floripa@php.net
New email:
PHP Version:		OS:

New Comment:

[2002-07-12 19:39 UTC] floripa@php.net

I tried to edit my PEAR account and got this error.
Nothing that an "addslashes()" don't fix. ;)

Error: DB Error: syntax error: UPDATE users SET name = 'Ant?nio Carlos Ven?ncio J?nior', email = 'floripa@organiKa.com.br', homepage = '', userinfo = '"Can't buy what I want because its FREE!" Pearl Jam', wishlist = '', showemail = '1', admin = '0' WHERE handle = 'antonio' [nativecode=1064 ** You have an error in your SQL syntax near 't buy what I want because its FREE!" Pearl Jam', wishlist = '', showemail = '1'' at line 1]

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-07-12 20:12 UTC] floripa@php.net

--- account-edit.php	Sun Jun  9 19:48:47 2002
+++ fixed/account-edit.php	Fri Jul 12 21:02:20 2002
@@ -57,7 +57,7 @@
                          $HTTP_POST_VARS['name'],
                          $HTTP_POST_VARS['email'],
                          $HTTP_POST_VARS['homepage'],
-                         $HTTP_POST_VARS['userinfo'],
+                         addslashes ($HTTP_POST_VARS['userinfo']),
                          $HTTP_POST_VARS['wishlist'],
                          isset($HTTP_POST_VARS['showemail']) ? 1 : 0,
                          isset($HTTP_POST_VARS['admin']) ? 1 : 0);

[2002-07-13 04:24 UTC] mj@php.net

This bug has been fixed in CVS. You can grab a snapshot of the
CVS version at http://snaps.php.net/. In case this was a documentation 
problem, the fix will show up soon at http://www.php.net/manual/.
In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites.
Thank you for the report, and for helping us make PHP better.

[2014-02-28 17:16 UTC] dsp@php.net

Automatic comment on behalf of mj
Revision: http://git.php.net/?p=web/pecl.git;a=commit;h=b38f49e92612672ded675e6a72df8b669fea56ec
Log: Fix bug #18322.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sat May 10 01:01:28 2025 UTC