PHP :: Bug #1880 :: Bug in vars

Bug #1880	Bug in vars
Submitted:	1999-07-26 12:07 UTC	Modified:	1999-07-26 15:07 UTC
From:	palmer at proscenio dot org	Assigned:
Status:	Closed	Package:	Other
PHP Version:	3.0.7	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	palmer at proscenio dot org
New email:
PHP Version:		OS:

New Comment:

[1999-07-26 12:07 UTC] palmer at proscenio dot org

If i insert into a form field a <'> or a <"> or a <\>
in the string var result i have <\`> or <\"> or <\\> respectly.

The script that reproduces the problem is this:

<FORM method=get>
<input type=text name=ciccio value="<?print($ciccio);?>">
<input type=submit name=Submit value="submit">
</FORM>
<?print("<h1>$ciccio</h1>");?>

For example:

In the text i write:                         "xx'xx\x"
$ciccio var (after submit query) is:     \"xx\'xx\\x\"

This is a bug ?

If you search on www.php.net trought the form you can view the problem.
You write the string: """"" end it search: \"\"\"\"\"

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[1999-07-26 15:07 UTC] rasmus at cvs dot php dot net

This is not a bug.  Turn off the magic_quotes_gpc option in your php3.ini file if you don't want quotes automatically escaped.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Sun May 11 12:01:27 2025 UTC