PHP :: Bug #11236 :: addslashes() before preg_replace() gives parse error in regexp

Bug #11236	addslashes() before preg_replace() gives parse error in regexp
Submitted:	2001-06-01 07:11 UTC	Modified:	2001-08-06 13:09 UTC
From:	john at vbulletin dot com	Assigned:
Status:	Closed	Package:	PCRE related
PHP Version:	4.0.5	OS:	Linux
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	john at vbulletin dot com
New email:
PHP Version:		OS:

New/Additional Comment:

[2001-06-01 07:11 UTC] john at vbulletin dot com

This issue seems to only affect PHP 4.0.5, not earlier versions, as far as I can tell.

The following code gives an error:

<?

$string="

[code]

EXEC sp_addlinkedserver 'TillDB', 'Access 2000', 'Microsoft.Jet.OLEDB.4.0', '\\till01\C\endx\data\ct.mdb'
EXEC sp_addlinkedsrvlogin 'TillDB', false, NULL, 'Admin', NULL
EXEC sp_dropserver 'TIllDB', 'droplogins'

[/code]

";

function stripbrsfromcode($str) {
  return ($str);
}

//$string=str_replace("'","\'",$string);
$string=addslashes($string);

echo $string;


$string=preg_replace("/(\[)(code)(])(\r\n)*(.*)(\[\/code\])/esiU","stripbrsfromcode('\\5')",$string);

echo $string;
?>

The error is as follows:
[code] EXEC sp_addlinkedserver \'TillDB\', \'Access 2000\', \'Microsoft.Jet.OLEDB.4.0\', \'\till01\C\endx\data\ct.mdb\' EXEC sp_addlinkedsrvlogin \'TillDB\', false, NULL, \'Admin\', NULL EXEC sp_dropserver \'TIllDB\', \'droplogins\' [/code] 
Parse error: parse error in /usr/local/apache/htdocs/test.php(24) : regexp code on line 5

Fatal error: Failed evaluating code: stripbrsfromcode(' EXEC sp_addlinkedserver \\\'TillDB\\\', \\\'Access 2000\\\', \\\'Microsoft.Jet.OLEDB.4.0\\\', \\\'\\till01\\C\\endx\\data\\ct.mdb\\\' EXEC sp_addlinkedsrvlogin \\\'TillDB\\\', false, NULL, \\\'Admin\\\', NULL EXEC sp_dropserver \\'TIllDB\\', \\'droplogins\\' ') in /usr/local/apache/htdocs/test.php on line 24


Let me know if you need other info. I have seen this problem on two independant configurations, so I am fairly sure it is not the server.

phpinfo here:
http://161.58.186.97/phpinfo.php

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2001-06-11 10:04 UTC] john at vbulletin dot com

Just an update -- this issue seems to be to do with having lots of single quotes (') in the string. It has also been an issue in strings other than the one shown in my first post.

6 quotes seems to be the limit of what it can handle.

John

[2001-08-06 13:09 UTC] andrei@php.net

This works in latest CVS - try upgrading to 4.0.6 or later.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Wed Apr 24 03:01:29 2024 UTC