|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2009-07-07 09:23 UTC] s dot coletta at unidata dot it
Description:
------------
Eval() makes a wrong parsing of a string ending with \\' or \'
The "Reproduce code" will not fail if you remove the ending \\ or \ like:
$str = "define('A','C:\\Dir');"; or
$str = "define('A','C:\Dir');";
Reproduce code:
---------------
$str = "define('A','C:\\Dir\\');";
eval($str);
or
$str = "define('A','C:\Dir\');";
eval($str);
Expected result:
----------------
No warnings or errors.
Just this statement executed:
define('A','C:\Dir\');
Actual result:
--------------
For both examples provided the result is the same:
Warning: Unexpected character in input: ''' (ASCII=39) state=1 in /test.php(3) : eval()'d code on line 1
Parse error: syntax error, unexpected ':' in /test.php(3) : eval()'d code on line 1
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Mon Jul 28 04:00:02 2025 UTC |
Thank you for your bug report. The issue you report is not a bug. Both strings in your example look like this: define('A','C:\Dir\'); Note that the last single quote is escaped by the backslash. Passing this to eval or putting this string in a PHP file will rightfully give a parse error, because there is no ending quote.I'm sorry but if I write this code: $str = "define('A','C:\\Dir\\');"; eval($str); I expect to be evaluated properly because \\' has to be escaped to \' So you are saying that: \\' is escaped to \' by the PHP parser when assigned to the string $str then eval parses it again escaping \' a second time and causing the error. Now, if I need to eval a statement like that, and this is not considered a bug, how can I workaround this?