php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #20116 $_POST keys starting with "+"
Submitted: 2002-10-27 01:17 UTC Modified: 2002-10-27 05:06 UTC
From: dan at wavefront dot ca Assigned: moriyoshi (profile)
Status: Closed Package: mbstring related
PHP Version: 4.2.3 OS: OS X 10.2.1
Private report: No CVE-ID: None
 [2002-10-27 01:17 UTC] dan at wavefront dot ca
I have a simple method of creating easy form processing.... 
I thought....

I came up with the idea (I am not claiming to be the first) 
to have form elements I want to update via MySQL starting 
with either "-" or "+".

Example:

+name=DAN
+email=dan@wavefront.ca
-notes=
id=1

The first 2 are required and will be updated, the 3rd is 
optional and will be updated and the 4th (id) is simply 
passed as form data.

The idea here is that I parse the $_POST variable to auto 
create a "UPDATE table SET name = 'Dan', email = 
'dan@wavefront.ca' WHERE = 1" string for MySQL.

The issue is that if I use the "+" to indicate a required 
field for error trapping my $_POST array ends up like this:

+namD=AN
+emaild=an@wavefront.ca
-notes=
id=1

If a change to any other character (* for example) it work 
fine.

Either this is a PHP / HTTP bug or I am up against some 
strange post naming restriction.  I searched the web, the 
PHP site (includeing the bugs) and could not spot an 
obvious reference.

Dan

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-10-27 05:06 UTC] moriyoshi@php.net
This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.

Additional comment: Also try to configure with --disable-mbstr-enc-trans if you even want to use 4.2.3 .
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Nov 25 09:01:30 2024 UTC