php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #15477 ereg_replace and str_replace non function
Submitted: 2002-02-09 18:08 UTC Modified: 2002-02-10 09:25 UTC
From: lee dot bolding at ukonline dot co dot uk Assigned:
Status: Closed Package: Strings related
PHP Version: 4.1.1 OS: RedHat 7.1
Private report: No CVE-ID: None
View Developer Edit
 [2002-02-09 18:08 UTC] lee dot bolding at ukonline dot co dot uk 
the following script fails to work with both ereg_replace and str_replace.

$sql = "select table.id, table.user, table.pass, FROM table, WHERE table.id='1234' AND table.user='lee' AND ORDER BY table.id DESC"; 

This is being automatically generated based on the amount of arguments passed to the script (which explains the superflous ,'s and ANDs). So, I'm using ereg_replace to remove them like so: 

$sql = ereg_replace(', FROM', ' FROM', $sql); 
$sql = ereg_replace(', WHERE', ' WHERE', $sql); 
$sql = ereg_replace('AND ORDER', 'ORDER', $sql); 

$sql should be modified to:

select table.id, table.user, table.pass FROM table WHERE table.id='1234' AND table.user='lee' ORDER BY table.id DESC

However, it remains unchanged. With more investigation, the problem seems to be with any pattern that contains a space or special character.

PHP configured as follows:

 './configure' '--with-apache=../apache_1.3.22' '--prefix=/usr/local/apache/php' '--with-mysql' '--enable-track-vars' '--enable-ftp' '--with-curl' '--with-openssl=/usr/local/ssl' '--with-gd' '--enable-wddx' '--with-xml' '--enable-trans-id' '--with-sablot' '--with-ldap=/usr/local' '--enable-sysvsem' '--enable-sysvshm' '--with-pcre' '--enable-sockets' '--with-mm=/usr/local/lib/mm'

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-02-09 18:26 UTC] torben@php.net 
I can't reproduce this on 4.2.0-dev. What does the following
script give you? (The output it gives me is below it.)

<?php
error_reporting(E_ALL);

$sql = "select table.id, table.user, table.pass, FROM table, WHERE table.id='1234' AND table.user='lee' AND ORDER BY table.id DESC"; 
echo "Before: $sql\n";
$sql = ereg_replace(', FROM', ' FROM', $sql); 
$sql = ereg_replace(', WHERE', ' WHERE', $sql); 
$sql = ereg_replace('AND ORDER', 'ORDER', $sql); 
echo "After: $sql\n";

$sql = "select table.id, table.user, table.pass, FROM table, WHERE table.id='1234' AND table.user='lee' AND ORDER BY table.id DESC"; 
echo "Before: $sql\n";
$sql = str_replace(', FROM', ' FROM', $sql); 
$sql = str_replace(', WHERE', ' WHERE', $sql); 
$sql = str_replace('AND ORDER', 'ORDER', $sql); 
echo "After: $sql\n";

?>

Output:
Before: select table.id, table.user, table.pass, FROM table, WHERE table.id='1234' AND table.user='lee' AND ORDER BY table.id DESC
After: select table.id, table.user, table.pass FROM table WHERE table.id='1234' AND table.user='lee' ORDER BY table.id DESC
Before: select table.id, table.user, table.pass, FROM table, WHERE table.id='1234' AND table.user='lee' AND ORDER BY table.id DESC
After: select table.id, table.user, table.pass FROM table WHERE table.id='1234' AND table.user='lee' ORDER BY table.id DESC


Torben
 [2002-02-09 18:40 UTC] lee dot bolding at ukonline dot co dot uk 
The code you have supplied 'as is' works fine.

However, I've got my code inside of a class, after I've done the ereg_replace I'm assigning $this->sql = $sql; then from the instantiating php file I'm doing echo $handler->sql - which is where the problem manifests.

I've tried modifying the string handle from $sql to $sql1 incase thier is somekind of conflict somewhere, but I still get the same results.
 [2002-02-10 09:25 UTC] lee dot bolding at ukonline dot co dot uk 
How stupid am I!?

I was echoing back $sql to a browser.

On viewing the source, it showed that there were some parts of the string with double spaces (which browsers ignore). Now fixed it.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sat Oct 25 23:00:01 2025 UTC