php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #20210 Hash in urldata
Submitted: 2002-11-01 05:23 UTC Modified: 2002-11-01 05:26 UTC
From: stian at nixia dot no Assigned:
Status: Not a bug Package: *General Issues
PHP Version: 4.2.0 OS: Red Hat linux 7.3
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: stian at nixia dot no
New email:
PHP Version: OS:

 

 [2002-11-01 05:23 UTC] stian at nixia dot no
http://localhost/editaccount.php?UID=1&Email=##@localhost
http://localhost/editaccount.php?UID=1&Email=%23%23@localhost


These two urls points to the same thing. The first one is generated by mozilla (uri's are normally escaped by the browser if nescesarry). The variabel Email appears emtpy, and the my script then fails and shit :-/

If I escape the url manually to the second one, php is happy and the Email variabel is set to a value :-)

In both cases, isset($Email) and is_string($Email) returned true.

I also tested this:

http://localhost/editaccount.php?UID=1&Email=test##@localhost

and Email was set to "test"


Stian

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2002-11-01 05:26 UTC] derick@php.net
Sorry, but your problem does not imply a bug in PHP itself.  For a
list of more appropriate places to ask for help using PHP, please
visit http://www.php.net/support.php as this bug system is not the
appropriate forum for asking support questions. 

Thank you for your interest in PHP.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Dec 12 21:01:28 2024 UTC