php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #30298 $_POST variable not handling arrays properly
Submitted: 2004-10-01 07:49 UTC Modified: 2004-10-02 16:00 UTC
From: ross dot w at paradise dot net dot nz Assigned:
Status: Not a bug Package: Arrays related
PHP Version: 4.3.8 OS: Linux
Private report: No CVE-ID: None
 [2004-10-01 07:49 UTC] ross dot w at paradise dot net dot nz
Description:
------------
The $_POST variable does not return an array (eg. from a select multiple box) but instead returns the word "Array". $HTTP_POST_VARS and register globals do not have this problem.

Reproduce code:
---------------
<select multiple="multiple" name="test[]">
<option name="o1">Option 1</option>
<option name="o2">Option 2</option>
<option name="o3">Option 3</option>
</select>

User selects some of these and clicks Submit

Expected result:
----------------
I would expect that these three cases should be equal on the PHP receiving side:

$arr = $_POST["test"];

$arr = $HTTP_POST_VARS["test"];

$arr = $test;
(On systems with register globals)

Actual result:
--------------
Instead:

$arr = $_POST["test"];
$arr is a string with the word "Array" (incorrect)

$arr = $HTTP_POST_VARS["test"];
$arr is the array of selected items (correct)

$arr = $test;
On systems with register globals, $arr is the array of selected items (correct)

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-10-01 09:07 UTC] derick@php.net
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves. 

A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external 
resources such as databases, etc.

If possible, make the script source available online and provide
an URL to it here. Try avoid embedding huge scripts into the report.
 [2004-10-02 09:07 UTC] ross dot w at paradise dot net dot nz
After trying to find the problem I was unable to produce the problem without my usual includes, which includes stripping slashes from the $_POST variable. Indeed when I made a script with this one function (below) it had the same behaviour. I'm now no longer sure this is a bug, apologies for wasting your time. Here's the script, for reference:

<?php

$_POST = array_map('stripslashes',$_POST);

if (!isset($HTTP_POST_VARS["test"])) {
	echo '<form action="'.$_SERVER["PHP_SELF"].'?hai=hai" method="post"><select multiple="multiple" size="5" name="test[]"><option name="o1">Option 1</option><option name="o2">Option 2</option><option name="o3">Option 3</option></select><br /><input type="submit" value="Go"></form>';
} else {
	echo 'These should all be identical<br />$_POST:<br />';

	print_r($_POST["test"]);
	echo '<br />$HTTP_POST_VARS:<br />';
	print_r($HTTP_POST_VARS["test"]);
	echo '<br />register globals:<br />';
	print_r($test);
}

?>
 [2004-10-02 16:00 UTC] sniper@php.net
Not a bug.

 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Sat Dec 14 09:01:24 2019 UTC