php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #49566 addcslashes() requires strictly binary string
Submitted: 2009-09-15 21:38 UTC Modified: 2011-11-12 22:55 UTC
From: redbull_1988 at mail dot bg Assigned:
Status: Not a bug Package: Unicode Engine related
PHP Version: 6SVN-2009-09-15 (snap) OS: Windows XP Pro SP3
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: redbull_1988 at mail dot bg
New email:
PHP Version: OS:

 

 [2009-09-15 21:38 UTC] redbull_1988 at mail dot bg
Description:
------------
addcslashes() should allow Unicode string in both parameters.

I use addcslashes() to escape Unicode string, for example to escape % and _ characters for SQL LIKE operator.

Reproduce code:
---------------
addcslashes("abc", "%_");


Expected result:
----------------
abc

Actual result:
--------------
Warning: addcslashes() expects parameter 1 to be strictly a binary string, Unicode string given


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-12-17 14:33 UTC] jani@php.net
-Package: Unicode Function Upgrades relate +Package: Unicode Engine related
 [2010-12-22 15:32 UTC] johannes@php.net
-Status: Open +Status: Bogus
 [2010-12-22 15:32 UTC] johannes@php.net
The old PHP 6 is on-hold and even then this behaviour would be "Expected" as we won't know which encoding to use when converting from utf-16.
 [2011-11-12 22:55 UTC] redbull_1988 at mail dot bg
-: vrana@php.net +: redbull_1988 at mail dot bg -Operating System: Irrelevant +Operating System: Windows XP Pro SP3
 [2011-11-12 22:55 UTC] redbull_1988 at mail dot bg
This is code:
(<?php
include 'functions.php';
if(!$_SESSION['is_logged']==true)
{
    my_header('Регистрация');
if($_POST['form_submit']==1)
{
$login=trim($_POST['login']);
$pas=trim($_POST['pass']);
$pas2=trim($_POST['pass2']);
$email=trim($_POST['mail']);
$name=trim($_POST['name']);

if(strlen($login)<4)
{
$error_array['login']='Кратко име.Трябва да е поне 4 синвола!';
}

if(strlen($pas)<4)
{
$error_array['pass']='Кратка парола!';
}

if($pas!=$pas2)
{
$error_array['pass']='Паролите не въпадат!';
}

if(!eregi("^[[:alnum:]][a-z0-9_.-]*@[a-z0-9.-]+\.[a-z]{2,4}$", $email)) 
{
$error_array['mail']='Невалиден Email адрес!';
}

if (!eregi("^[a-zA-Z0-9_]{3,16}$" ,$name)) 
{
$error_array['name']='Невалидно име!';
}

if(!count($error_array)>0)
{
db_init();
$sql='SELECT COUNT(*) as cnt FROM users WHERE login="'.addcslashes($login).'" OR email="'.addcslashes($email).'"';
$res=mysql_query($sql); 
$row=mysql_fetch_assoc($res);
print ($row);
}

}
else

?>
<form action="register.php" method="POST">
<b>User name</b>:<input type="text" name="login" value="" />
<?php
if($error_array['login'])
{
echo $error_array['login'];
} 
?>
<br />
<b>Парола:</b><input type="password" name="pass" value="" size="30" />
<?php
if($error_array['pass'])
{
echo $error_array['pass'];
} 
?>
<br />
<b>Повтори парола:</b><input type="password" name="pass2" value="" size="30" /><br />
<b>Email:</b><input type="text" name="mail" value="" />
<?php
if($error_array['mail'])
{
echo $error_array['mail'];
} 
?>
<br />
<b>Име:</b><input type="text" name="name" value="" />
<?php
if($error_array['name'])
{
echo $error_array['name'];
} 
?>
<br />
<input type="hidden" name="form_submit" value="1" />
<input type="submit" name="Регистрирай се" value="Регистрирай се" /><br />
</form>
<?php
footer();
}
else 
{
header('Location: index.php');
exit;
})

return error:
(Warning: addcslashes() expects exactly 2 parameters, 1 given in C:\xampp\htdocs\nfs\register.php on line 42

Warning: addcslashes() expects exactly 2 parameters, 1 given in C:\xampp\htdocs\nfs\register.php on line 42
Array)
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sat Oct 16 20:03:36 2021 UTC