php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #33200 magic_quotes_sybase switched on breaks the use of /e modifier in preg_replace
Submitted: 2005-05-31 12:36 UTC Modified: 2005-05-31 14:56 UTC
From: astax_t at gorodok dot net Assigned: sniper
Status: Closed Package: PCRE related
PHP Version: 5.*, 4.* OS: *
Private report: No CVE-ID:
 [2005-05-31 12:36 UTC] astax_t at gorodok dot net
Description:
------------
When magic_quotes_sybase is On, this also affects how apostrophes are escaped in preg_replace with /e modifier. See example.

In example code I specifically included a string with $ inside to point why it's impossible to use double quotes around \\1 in second parameter.

Reproduce code:
---------------
$str = 'some \'$sample\' text';

$str = preg_replace("/(some.*text)/e", "strtoupper('\\1')", $str);

echo $str;

Expected result:
----------------
SOME '$SAMPLE' TEXT

Actual result:
--------------
Parse error: parse error in E:\test\web\a.php(4) : regexp code on line 1

Fatal error: preg_replace(): Failed evaluating code: strtoupper('some ''$sample'' text') in E:\test\web\a.php on line 4

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-05-31 12:43 UTC] sniper@php.net
RTFM:

"If magic_quotes_sybase  is also on, a single-quote is escaped with a single-quote instead of a backslash."
 [2005-05-31 12:49 UTC] astax_t at gorodok dot net
I know how magic_quotes_sybase works, but I state that it should NOT affect /e modifier in regular expressions. The same as magic_quotes_gpc and magic_quotes_runtime doesn't affect this.
 [2005-05-31 12:53 UTC] astax_t at gorodok dot net
And additionally, it makes impossible to use preg_replace with /e modifier in certain situations. When subject string comes from external source and so can contain some variables, like in my example.

I still insist that it's a bug.

Thank you.
 [2005-05-31 14:13 UTC] sniper@php.net
I stand corrected, fix coming up..


 [2005-05-31 14:56 UTC] sniper@php.net
This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.


 
PHP Copyright © 2001-2014 The PHP Group
All rights reserved.
Last updated: Thu Apr 17 09:02:29 2014 UTC