PHP :: Bug #27257 :: ereg_replace working weird with hexadeciaml escape code

Bug #27257	ereg_replace working weird with hexadeciaml escape code
Submitted:	2004-02-14 20:03 UTC	Modified:	2004-02-14 21:15 UTC
From:	tokie at hanmail dot net	Assigned:
Status:	Not a bug	Package:	Regexps related
PHP Version:	5.0.0b4 (beta4)	OS:	Linux 2.4.x (Fedora core 1)
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	tokie at hanmail dot net
New email:
PHP Version:		OS:

New Comment:

[2004-02-14 20:03 UTC] tokie at hanmail dot net

Description:
------------
I was handling some broken text file. And I managed to fix it by replacing the ascii-control characters (0x00 to 0x1F) to avoid crash when INSERT the text into a db-table.

But the ereg_replace replaces other critical characters such as 0-9 : < = > ... (seems to be 0x30 to 0x3F), too.


Reproduce code:
---------------
$str = "<a href='http://www.php.net/'>PHP.net</a>";
$result = ereg_replace("[\\x00-\\x1F]", "*", $str);

// the result was: 
// *a href*'http*//www.php.net/'*PHP.net*/a*
// not,
// <a href='http://www.php.net/'>PHP.net</a>


Expected result:
----------------
the function should replace only the characters ranging 0x00 ~ 0x1F only.

Actual result:
--------------
it replaced not only 0x00 - 0x1F but also 0x30 ~ 0x3F (I guess, and 0x20 ~ 0x2F seems to be safe)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2004-02-14 21:15 UTC] sniper@php.net

Using correct regex would help:

ereg_replace("[[:cntrl:]]", "*", $str);

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 17:01:58 2024 UTC