|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #25494 array_merge allowing "false" as argument (silent when non-array is passed)
Submitted: 2003-09-11 10:57 UTC Modified: 2003-10-08 07:15 UTC
From: enygma at phpdeveloper dot org Assigned:
Status: Closed Package: Arrays related
PHP Version: 4.3.2 OS: Any
Private report: No CVE-ID:
 [2003-09-11 10:57 UTC] enygma at phpdeveloper dot org
$array2=array("test"=>"1","testing"=>"2"); $last_array=array_merge($array1,$array2); 
echo "<pre>"; print_r($last_array); echo "</pre>";

    [0] => 
    [test] => 1
    [testing] => 2

Please note that not only does array_merge allow the "false" to be passed in, but when it is, a mysterious [0] appears in the results (null array value?)

Reproduce code:
echo "<pre>"; print_r($last_array); echo "</pre>";

Expected result:
Either an "invalid argument" for the "false" being passed in, or no extra Null array value appended to the resulting array.

Actual result:
    [0] => 
    [test] => 1
    [testing] => 2


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2003-09-11 10:59 UTC] enygma at phpdeveloper dot org
array_merge_recursive() shows the same behavior
array_intersect(), however, doesn't and gives a correct warning message
 [2003-09-11 11:42 UTC]
1. Please use var_dump() instead of print_r()
2. The value in the merged array is (bool) false
 [2003-09-11 11:42 UTC]
If you use var_dump() in place of print_r(), you'd see 
that it's not a mysterious value, it's 'false'. The 
boolean value is being converted to an array index in 
array_merge(). (Any value would produce similar results -- 
$array1=4; would produce an array value of 
array_intersect() does a type check before it does 
anything, which is why the warning comes up. 
While it seems inconsistent, I can't see this being 
changed because it would affect BC (albeit BC on a 
somewhat obscure, undocumented feature). Somebody correct 
me here if I'm wrong. So I'm bogusing it for now. 
 [2003-09-11 11:50 UTC] enygma at phpdeveloper dot org
it still seems silly to me that a string passed into an array function was taken without so much as a warning. even more strange that it was suddenly treated as an array and merged into the other valid array.

maybe a warning would be enough to deter this in the future?
 [2003-09-11 12:11 UTC]
Jay, it's an undocumented feature. If it is not documented and obscure it's developer's risk to use it. So, I think this is a bug and a check for the input parameter should be performed. A warning throwed in the same way as array_intersect() does will be the consistent way.
Opening again :)
 [2003-09-11 13:57 UTC]
This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at
In case this was a documentation problem, the fix will show up soon at

In case this was a website problem, the change will show
up on the site and on the mirror sites in short time.
Thank you for the report, and for helping us make PHP better.

array_merge() throws E_NOTICEs now in 4.3.x and will throw 
a warning and fail in 5 for non-array arguments.  
 [2003-10-08 07:14 UTC]
The function behaves the same in PHP 4, in PHP 5 it remains to be seen what the bosses tell it should be. (inconsistent or consistent, that's the question)

 [2003-10-08 07:15 UTC]
At the moment: Fixed in PHP 5, won't fix in PHP 4.

PHP Copyright © 2001-2015 The PHP Group
All rights reserved.
Last updated: Tue Dec 01 12:01:36 2015 UTC