php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #40813 upload filename
Submitted: 2007-03-15 09:47 UTC Modified: 2007-03-18 20:25 UTC
From: gianluca dot gimigliano at interno dot it Assigned: iliaa (profile)
Status: Not a bug Package: *Web Server problem
PHP Version: 5.2.1 OS: Windows XP
Private report: No CVE-ID: None
View Add Comment Developer Edit
 [2007-03-15 09:47 UTC] gianluca dot gimigliano at interno dot it 
Description:
------------
When you try to upload a file with the character:' in the name, 
the uploaded file name is read from the ' position.

Reproduce code:
---------------
<html><head></head>
<body>
<?
if ($_FILES['uploaded']) echo $_FILES['uploaded']['name'];
	
?>
<form method="post"  enctype="multipart/form-data">
	<input name="uploaded" type="file">
	<input name="send" type="submit" value="send">
</form>
</body>
</html>

Expected result:
----------------
If the uploaded file name is: special'ized.doc 
The correct output is: special'ized.doc 


Actual result:
--------------
If the uploaded file name is: special'ized.doc 
The real output is: ized.doc

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-03-15 13:02 UTC] tony2001@php.net 
Please try using this CVS snapshot:

  http://snaps.php.net/php5.2-latest.tar.gz
 
For Windows:
 
  http://snaps.php.net/win32/php5.2-win32-latest.zip
 [2007-03-15 14:19 UTC] gianluca dot gimigliano at interno dot it 
With this apache version:
Apache Version  Apache/2.2.4 (Win32) mod_ssl/2.2.4 OpenSSL/0.9.8d PHP/5.2.2-dev  

The prolem is the same
 [2007-03-17 00:42 UTC] tony2001@php.net 
Ilia, please take a look at this issue.
It's your patch causes this behaviour: 
http://cvs.php.net/viewvc.cgi/php-src/main/rfc1867.c?view=diff&r1=1.168&r2=1.169
The last #ifdef PHP_WIN32 doesn't look right, did it get there by mistake?
 [2007-03-17 00:48 UTC] edink@php.net 
I the meanwhile you can set

magic_quotes_gpc=off

in your php.ini which will avoid this problem if your code does not depend on the magic_quotes (which it shouldn't anyway),
 [2007-03-18 20:25 UTC] iliaa@php.net 
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

On Win32 \ is a directory separator, so when \ is added to escape ' and 
alike characters due to magic_quotes_gpc you end up in a situation where 
part of the filename is stripped.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Apr 27 07:01:29 2024 UTC