|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #38052 parse_ini_file() - escaping double quotes is impossible
Submitted: 2006-07-10 01:12 UTC Modified: 2010-12-15 20:21 UTC
Avg. Score:4.5 ± 0.8
Reproduced:9 of 9 (100.0%)
Same Version:3 (33.3%)
Same OS:4 (44.4%)
From: alex at thresholdstate dot com Assigned: bjori (profile)
Status: Closed Package: *General Issues
PHP Version: 4.4.2 OS:
Private report: No CVE-ID: None
 [2006-07-10 01:12 UTC] alex at thresholdstate dot com
It appears there's no way a value in a .INI file can contain a double quote character.

Backslash escaping is unsupported.  If some other escaping method is available, the doc page doesn't mention it.

Example is taken from, posted in January 2002.

C-style backslash escaping probably can't be supported due to Windows paths.  Other escaping methods might be feasible: SQL-style doubled quote characters, for example.

Reproduce code:

; Example Configuration File
title = "Best Scripting Language"
desc = "See <a href=\"\">PHP</a>!"

Expected result:
array(2) {
  string(23) "Best Scripting Language"
  string(13) "See <a href="">PHP</a>!"

Actual result:
PHP Warning:  Error parsing a.ini on line 6
 in Command line code on line 1
array(2) {
  string(23) "Best Scripting Language"
  string(13) "See <a href=\"


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2006-07-10 01:43 UTC] judas dot iscariote at gmail dot com
IT works perfectly fine with a current version of PHP ( in my case 5_2 CVS), so you better try PHP5, you should be using PHP4 anyway..

ps: it is reproducible in current PHP 4_4 CVS, but Im not sure if this is gonna be fixed (if a bug), wait for official answer.
 [2006-07-10 01:59 UTC] alex at thresholdstate dot com
The latest PHP5 I have access to is 5.0.4, and it fails there.
 [2006-07-10 04:09 UTC] judas dot iscariote at gmail dot com
Well..with current 5_2 version I get:

array(2) {
  string(23) "Best Scripting Language"
  string(42) "See <a href=\\>PHP</a>!"

although this not what you expect, is much better, since you can use str_replace() to replace backslashes with double quotes if you want.
 [2006-07-10 04:27 UTC] alex at thresholdstate dot com
Not sure I'd describe it as "much better", since it clashes with windows paths.  Consider:

path = "\"C:\Program Files\blah\""

5.2 would presumably render this as '\C:\Program Files\blah\\', which loses the distinction between "escaped" quotes and plain backslashes.
 [2010-12-15 20:21 UTC]
-Status: Open +Status: Closed -Package: Feature/Change Request +Package: *General Issues -Assigned To: +Assigned To: bjori
 [2010-12-15 20:21 UTC]
This was fixed in 5.3
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Sat Feb 04 13:03:38 2023 UTC