php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #38052 parse_ini_file() - escaping double quotes is impossible
Submitted: 2006-07-10 01:12 UTC Modified: 2010-12-15 20:21 UTC
Votes:11
Avg. Score:4.5 ± 0.8
Reproduced:9 of 9 (100.0%)
Same Version:3 (33.3%)
Same OS:4 (44.4%)
From: alex at thresholdstate dot com Assigned: bjori (profile)
Status: Closed Package: *General Issues
PHP Version: 4.4.2 OS:
Private report: No CVE-ID: None
View Developer Edit
 [2006-07-10 01:12 UTC] alex at thresholdstate dot com 
Description:
------------
It appears there's no way a value in a .INI file can contain a double quote character.

Backslash escaping is unsupported.  If some other escaping method is available, the doc page doesn't mention it.

Example is taken from http://www.php.net/manual/en/function.parse-ini-file.php#18216, posted in January 2002.

C-style backslash escaping probably can't be supported due to Windows paths.  Other escaping methods might be feasible: SQL-style doubled quote characters, for example.

Reproduce code:
---------------
var_dump(parse_ini_file("example.ini"));

;============================
; Example Configuration File
;============================
[category]
title = "Best Scripting Language"
desc = "See <a href=\"http://www.php.net/\">PHP</a>!"

Expected result:
----------------
array(2) {
  ["title"]=>
  string(23) "Best Scripting Language"
  ["desc"]=>
  string(13) "See <a href="http://www.php.net/">PHP</a>!"
}


Actual result:
--------------
PHP Warning:  Error parsing a.ini on line 6
 in Command line code on line 1
array(2) {
  ["title"]=>
  string(23) "Best Scripting Language"
  ["desc"]=>
  string(13) "See <a href=\"
}

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-07-10 01:43 UTC] judas dot iscariote at gmail dot com 
IT works perfectly fine with a current version of PHP ( in my case 5_2 CVS), so you better try PHP5, you should be using PHP4 anyway..

ps: it is reproducible in current PHP 4_4 CVS, but Im not sure if this is gonna be fixed (if a bug), wait for official answer.
 [2006-07-10 01:59 UTC] alex at thresholdstate dot com 
The latest PHP5 I have access to is 5.0.4, and it fails there.
 [2006-07-10 04:09 UTC] judas dot iscariote at gmail dot com 
Well..with current 5_2 version I get:

array(2) {
  ["title"]=>
  string(23) "Best Scripting Language"
  ["desc"]=>
  string(42) "See <a href=\http://www.php.net/\>PHP</a>!"
}

although this not what you expect, is much better, since you can use str_replace() to replace backslashes with double quotes if you want.
 [2006-07-10 04:27 UTC] alex at thresholdstate dot com 
Not sure I'd describe it as "much better", since it clashes with windows paths.  Consider:

path = "\"C:\Program Files\blah\""

5.2 would presumably render this as '\C:\Program Files\blah\\', which loses the distinction between "escaped" quotes and plain backslashes.
 [2010-12-15 20:21 UTC] bjori@php.net
-Status: Open +Status: Closed -Package: Feature/Change Request +Package: *General Issues -Assigned To: +Assigned To: bjori
 [2010-12-15 20:21 UTC] bjori@php.net 
This was fixed in 5.3
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Wed Mar 19 17:01:32 2025 UTC