PHP :: Request #54486 :: QUERY

Request #54486	QUERY_STRING
Submitted:	2011-04-07 15:36 UTC	Modified:	2011-04-07 16:30 UTC
From:	vittorisimone at gmail dot com	Assigned:
Status:	Not a bug	Package:	*General Issues
PHP Version:	Irrelevant	OS:	windows xp
Private report:	No	CVE-ID:	None

View Add Comment Developer Edit

[2011-04-07 15:36 UTC] vittorisimone at gmail dot com

Description:
------------
Hi, there's a problem with

$_SERVER['QUERY_STRING'];

this returns a string with unencoded ampersands; that's not good, because the "&" is used to create entities and may cause bugs.
I need to escape all instances of '&' into '&amp;', according to W3C standards. Hope this will be fixed soon.

Test script:
---------------
<?php echo "?". $_SERVER['QUERY_STRING'] . "&amp;copy=".$testi[0]; ?>

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2011-04-07 16:30 UTC] dtajchreber@php.net

-Status: Open +Status: Bogus

[2011-04-07 16:30 UTC] dtajchreber@php.net

php.net/htmlspecialchars
php.net/htmlentities

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Mon May 20 07:01:34 2024 UTC