php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #11236 addslashes() before preg_replace() gives parse error in regexp
Submitted: 2001-06-01 07:11 UTC Modified: 2001-08-06 13:09 UTC
From: john at vbulletin dot com Assigned:
Status: Closed Package: PCRE related
PHP Version: 4.0.5 OS: Linux
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: john at vbulletin dot com
New email:
PHP Version: OS:

 

 [2001-06-01 07:11 UTC] john at vbulletin dot com
This issue seems to only affect PHP 4.0.5, not earlier versions, as far as I can tell.

The following code gives an error:

<?

$string="

[code]

EXEC sp_addlinkedserver 'TillDB', 'Access 2000', 'Microsoft.Jet.OLEDB.4.0', '\\till01\C\endx\data\ct.mdb'
EXEC sp_addlinkedsrvlogin 'TillDB', false, NULL, 'Admin', NULL
EXEC sp_dropserver 'TIllDB', 'droplogins'

[/code]

";

function stripbrsfromcode($str) {
  return ($str);
}

//$string=str_replace("'","\'",$string);
$string=addslashes($string);

echo $string;


$string=preg_replace("/(\[)(code)(])(\r\n)*(.*)(\[\/code\])/esiU","stripbrsfromcode('\\5')",$string);

echo $string;
?>

The error is as follows:
[code] EXEC sp_addlinkedserver \'TillDB\', \'Access 2000\', \'Microsoft.Jet.OLEDB.4.0\', \'\till01\C\endx\data\ct.mdb\' EXEC sp_addlinkedsrvlogin \'TillDB\', false, NULL, \'Admin\', NULL EXEC sp_dropserver \'TIllDB\', \'droplogins\' [/code] 
Parse error: parse error in /usr/local/apache/htdocs/test.php(24) : regexp code on line 5

Fatal error: Failed evaluating code: stripbrsfromcode(' EXEC sp_addlinkedserver \\\'TillDB\\\', \\\'Access 2000\\\', \\\'Microsoft.Jet.OLEDB.4.0\\\', \\\'\\till01\\C\\endx\\data\\ct.mdb\\\' EXEC sp_addlinkedsrvlogin \\\'TillDB\\\', false, NULL, \\\'Admin\\\', NULL EXEC sp_dropserver \\'TIllDB\\', \\'droplogins\\' ') in /usr/local/apache/htdocs/test.php on line 24


Let me know if you need other info. I have seen this problem on two independant configurations, so I am fairly sure it is not the server.

phpinfo here:
http://161.58.186.97/phpinfo.php

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-06-11 10:04 UTC] john at vbulletin dot com
Just an update -- this issue seems to be to do with having lots of single quotes (') in the string. It has also been an issue in strings other than the one shown in my first post.

6 quotes seems to be the limit of what it can handle.

John
 [2001-08-06 13:09 UTC] andrei@php.net
This works in latest CVS - try upgrading to 4.0.6 or later.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 16:01:29 2024 UTC