|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #10626 escaping doesn't work in the replacement clause
Submitted: 2001-05-03 03:04 UTC Modified: 2001-05-04 07:15 UTC
From: hover at mi dot ru Assigned:
Status: Not a bug Package: PCRE related
PHP Version: 4.0.5 OS: FreeBSD 4.3
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Bug Type:
From: hover at mi dot ru
New email:
PHP Version: OS:


 [2001-05-03 03:04 UTC] hover at mi dot ru
The problem is that preg_replace() ignores escaping of $nn sequence in the replacement string.
$str = preg_replace("/a/", "\$1000", "test ... a ... test");
echo $str;

test ... 00 ... test 

#!/usr/local/bin/perl -w

$_ = "test ... a ... test";
test ... $1000 ... test

This feature leads to impossibility of passing strings like '$1000' via phplib template variables.

PHP 4.0.4pl1, 4.0.5


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2001-05-03 08:04 UTC]
You escaped the $1000 on the PHP level, so literal $1000 was sent to PCRE, where $10 was interpreted as a backreference, and since there aren't 10 capturing subpatterns in the pattern, you get an empty string for $10, and the rest is taken as a literal string.

Send further questions to php-general@ (after you RTFM, of course).
 [2001-05-04 07:15 UTC] hover at mi dot ru
Thanks for educating me and sorry for waisting your time.
Though, phplib needs to be changed to work with such variables.

Something like this:

$tempvars = preg_replace("/\\$/", "\\\\\$", $this->varvals);

But it's a phplib's, not PHP thing. Thanks.
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sun Mar 03 23:01:32 2024 UTC