PHP :: Bug #27257 :: ereg_replace working weird with hexadeciaml escape code

Bug #27257	ereg_replace working weird with hexadeciaml escape code
Submitted:	2004-02-14 20:03 UTC	Modified:	2004-02-14 21:15 UTC
From:	tokie at hanmail dot net	Assigned:
Status:	Not a bug	Package:	Regexps related
PHP Version:	5.0.0b4 (beta4)	OS:	Linux 2.4.x (Fedora core 1)
Private report:	No	CVE-ID:	None

View Developer Edit

Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !

Your email address: MUST BE VALID
Solve the problem: 3 + 3 = ?
Subscribe to this entry?

[2004-02-14 20:03 UTC] tokie at hanmail dot net

Description:
------------
I was handling some broken text file. And I managed to fix it by replacing the ascii-control characters (0x00 to 0x1F) to avoid crash when INSERT the text into a db-table.

But the ereg_replace replaces other critical characters such as 0-9 : < = > ... (seems to be 0x30 to 0x3F), too.


Reproduce code:
---------------
$str = "<a href='http://www.php.net/'>PHP.net</a>";
$result = ereg_replace("[\\x00-\\x1F]", "*", $str);

// the result was: 
// *a href*'http*//www.php.net/'*PHP.net*/a*
// not,
// <a href='http://www.php.net/'>PHP.net</a>


Expected result:
----------------
the function should replace only the characters ranging 0x00 ~ 0x1F only.

Actual result:
--------------
it replaced not only 0x00 - 0x1F but also 0x30 ~ 0x3F (I guess, and 0x20 ~ 0x2F seems to be safe)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2004-02-14 21:15 UTC] sniper@php.net

Using correct regex would help:

ereg_replace("[[:cntrl:]]", "*", $str);

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Wed Oct 29 21:00:01 2025 UTC