php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #27257 ereg_replace working weird with hexadeciaml escape code
Submitted: 2004-02-14 20:03 UTC Modified: 2004-02-14 21:15 UTC
From: tokie at hanmail dot net Assigned:
Status: Not a bug Package: Regexps related
PHP Version: 5.0.0b4 (beta4) OS: Linux 2.4.x (Fedora core 1)
Private report: No CVE-ID: None
 [2004-02-14 20:03 UTC] tokie at hanmail dot net
Description:
------------
I was handling some broken text file. And I managed to fix it by replacing the ascii-control characters (0x00 to 0x1F) to avoid crash when INSERT the text into a db-table.

But the ereg_replace replaces other critical characters such as 0-9 : < = > ... (seems to be 0x30 to 0x3F), too.


Reproduce code:
---------------
$str = "<a href='http://www.php.net/'>PHP.net</a>";
$result = ereg_replace("[\\x00-\\x1F]", "*", $str);

// the result was: 
// *a href*'http*//www.php.net/'*PHP.net*/a*
// not,
// <a href='http://www.php.net/'>PHP.net</a>


Expected result:
----------------
the function should replace only the characters ranging 0x00 ~ 0x1F only.

Actual result:
--------------
it replaced not only 0x00 - 0x1F but also 0x30 ~ 0x3F (I guess, and 0x20 ~ 0x2F seems to be safe)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-02-14 21:15 UTC] sniper@php.net
Using correct regex would help:

ereg_replace("[[:cntrl:]]", "*", $str);

 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Tue Nov 24 09:01:23 2020 UTC