PHP :: Bug #1880 :: Bug in vars

Bug #1880	Bug in vars
Submitted:	1999-07-26 12:07 UTC	Modified:	1999-07-26 15:07 UTC
From:	palmer at proscenio dot org	Assigned:
Status:	Closed	Package:	Other
PHP Version:	3.0.7	OS:	Linux
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

Quick Fix:	(description)
	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	palmer at proscenio dot org
New email:
PHP Version:		OS:

New/Additional Comment:

[1999-07-26 12:07 UTC] palmer at proscenio dot org

If i insert into a form field a <'> or a <"> or a <\>
in the string var result i have <\`> or <\"> or <\\> respectly.

The script that reproduces the problem is this:

<FORM method=get>
<input type=text name=ciccio value="<?print($ciccio);?>">
<input type=submit name=Submit value="submit">
</FORM>
<?print("<h1>$ciccio</h1>");?>

For example:

In the text i write:                         "xx'xx\x"
$ciccio var (after submit query) is:     \"xx\'xx\\x\"

This is a bug ?

If you search on www.php.net trought the form you can view the problem.
You write the string: """"" end it search: \"\"\"\"\"

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[1999-07-26 15:07 UTC] rasmus at cvs dot php dot net

This is not a bug.  Turn off the magic_quotes_gpc option in your php3.ini file if you don't want quotes automatically escaped.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Mon May 06 18:01:35 2024 UTC