php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #14843 Magic Quotes GPC is broken in 4.1.0
Submitted: 2002-01-04 02:29 UTC Modified: 2002-09-21 02:09 UTC
From: richard at alavator dot com Assigned:
Status: No Feedback Package: PHP options/info functions
PHP Version: 4.1.0 OS: Linux
Private report: No CVE-ID: None
 [2002-01-04 02:29 UTC] richard at alavator dot com
Here is a script that demonstrates the problem. If you uncomment line 4, magic quotes works consistently. If you do not, then some data (or SOMETHING) will cause it to fail most of the time.

<?
mysql_pconnect("","",""); // Must fill in db options
if (isset($adCode)) {
	// echo get_magic_quotes_gpc();
	$sql="INSERT INTO ad_code set sponsor='{$sponsor}', adCode='{$adCode}', cat='{$cat}'";
	echo $sql."<br><br>";
	mysql_query($sql);
	echo mysql_error();
}
?>

Try various data with and with single quotes, and many times magic_quotes_qpc will fail to escape the variables.

I would be happy to provide access to the actual script and server that caused me to notice this problem. Just email.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-08-17 10:18 UTC] kalowsky@php.net
I believe this was fixed, can you please test a newer version of PHP and confirm/deny this?
 [2002-09-21 02:09 UTC] sniper@php.net
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.


 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Wed Oct 30 22:01:28 2024 UTC