PHP :: Bug #11236 :: addslashes() before preg_replace() gives parse error in regexp

Bug #11236	addslashes() before preg_replace() gives parse error in regexp
Submitted:	2001-06-01 07:11 UTC	Modified:	2001-08-06 13:09 UTC
From:	john at vbulletin dot com	Assigned:
Status:	Closed	Package:	PCRE related
PHP Version:	4.0.5	OS:	Linux
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

[2001-06-01 07:11 UTC] john at vbulletin dot com

This issue seems to only affect PHP 4.0.5, not earlier versions, as far as I can tell.

The following code gives an error:

<?

$string="

[code]

EXEC sp_addlinkedserver 'TillDB', 'Access 2000', 'Microsoft.Jet.OLEDB.4.0', '\\till01\C\endx\data\ct.mdb'
EXEC sp_addlinkedsrvlogin 'TillDB', false, NULL, 'Admin', NULL
EXEC sp_dropserver 'TIllDB', 'droplogins'

[/code]

";

function stripbrsfromcode($str) {
  return ($str);
}

//$string=str_replace("'","\'",$string);
$string=addslashes($string);

echo $string;


$string=preg_replace("/(\[)(code)(])(\r\n)*(.*)(\[\/code\])/esiU","stripbrsfromcode('\\5')",$string);

echo $string;
?>

The error is as follows:
[code] EXEC sp_addlinkedserver \'TillDB\', \'Access 2000\', \'Microsoft.Jet.OLEDB.4.0\', \'\till01\C\endx\data\ct.mdb\' EXEC sp_addlinkedsrvlogin \'TillDB\', false, NULL, \'Admin\', NULL EXEC sp_dropserver \'TIllDB\', \'droplogins\' [/code] 
Parse error: parse error in /usr/local/apache/htdocs/test.php(24) : regexp code on line 5

Fatal error: Failed evaluating code: stripbrsfromcode(' EXEC sp_addlinkedserver \\\'TillDB\\\', \\\'Access 2000\\\', \\\'Microsoft.Jet.OLEDB.4.0\\\', \\\'\\till01\\C\\endx\\data\\ct.mdb\\\' EXEC sp_addlinkedsrvlogin \\\'TillDB\\\', false, NULL, \\\'Admin\\\', NULL EXEC sp_dropserver \\'TIllDB\\', \\'droplogins\\' ') in /usr/local/apache/htdocs/test.php on line 24


Let me know if you need other info. I have seen this problem on two independant configurations, so I am fairly sure it is not the server.

phpinfo here:
http://161.58.186.97/phpinfo.php

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2001-06-11 10:04 UTC] john at vbulletin dot com

Just an update -- this issue seems to be to do with having lots of single quotes (') in the string. It has also been an issue in strings other than the one shown in my first post.

6 quotes seems to be the limit of what it can handle.

John

[2001-08-06 13:09 UTC] andrei@php.net

This works in latest CVS - try upgrading to 4.0.6 or later.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Tue Apr 23 21:01:31 2024 UTC