PHP :: Bug #68845 :: Logical operator interpreted inside unquoted strings

Bug #68845	Logical operator interpreted inside unquoted strings
Submitted:	2015-01-16 13:41 UTC	Modified:	2015-01-16 19:28 UTC
From:	vincent dot raman at macq dot eu	Assigned:
Status:	Not a bug	Package:	Unknown/Other Function
PHP Version:	5.6.4	OS:	Opensuse 13.2
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	vincent dot raman at macq dot eu
New email:
PHP Version:		OS:

New Comment:

[2015-01-16 13:41 UTC] vincent dot raman at macq dot eu

Description:
------------
---
From manual page: http://www.php.net/function.parse-ini-file
---

parse_ini_file and parse_ini_string try to interpret loogical operator inside not quoted strings.

If we have keys equal to unquoted strings with '|', '&', '^', or '!' inside, everything will be interpreted as numbers even if it was simple strings. 

Furthermore, if the string starts with a "dual" operator like '|', '&' or '^', php will say there is a syntax error. Same if we use '!' in the middle of a string.

That is with ZEND_INI_SCANNER_NORMAL.

With ZEND_INI_SCANNER_RAW, we don't have the problem, but we have ini files from Zend framework 1 where we have

test = ^foo "bar"

It was translated as '^foo bar'. With ZEND_INI_SCANNER_RAW, it becomes '^foo "bar"'. Which is not what we had with php5.4.

Test script:
---------------
var_dump(parse_ini_string('test = foo & bar'));
var_dump(parse_ini_string('test = &foo'));

var_dump(parse_ini_string('test = foo | bar'));
var_dump(parse_ini_string('test = |foo'));

var_dump(parse_ini_string('test = foo ^ bar'));
var_dump(parse_ini_string('test = ^foo'));

var_dump(parse_ini_string('test = foo ! bar'));
var_dump(parse_ini_string('test = !foo'));

Expected result:
----------------
If the text does not represent numbers, don't try to apply the operator.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2015-01-16 19:28 UTC] aharvey@php.net

-Status: Open +Status: Not a bug

[2015-01-16 19:28 UTC] aharvey@php.net

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

I think it's extremely unlikely we'd try to be more selective about this: this is long standing PHP INI parsing behaviour.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Thu Jul 03 15:01:34 2025 UTC