php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #57324 0.10.0 didn't filter arrays (unsafe_raw/callback)
Submitted: 2006-10-27 03:59 UTC Modified: 2006-10-28 08:07 UTC
From: michel at tourwerk dot de Assigned: pajoye (profile)
Status: Not a bug Package: filter (PECL)
PHP Version: 5.1.6 OS: Ubuntu 6.06
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: michel at tourwerk dot de
New email:
PHP Version: OS:

 

 [2006-10-27 03:59 UTC] michel at tourwerk dot de 
Description:
------------
After updating filter extension from version 0.9.4 to 0.10.0 multi-value POST-Variables aren't filter as array, which does former version correctly.

With version 0.10.0 and filter type "unsafe_raw" I've got nothing back, with 0.9.4 I've got the current result back

With version 0.10.0 and filter type "callback" I've got nothing back, with 0.9.4 I've got the current result back, but both versions show me, that type of value in callback is string

Reproduce code:
---------------
<?php
if ($_POST){
	$value = input_get( INPUT_POST, "value", input_name_to_filter( "callback" ),array("check","checkArray") );	
	#$value1 = input_get( INPUT_POST, "value", input_name_to_filter( "unsafe_raw"));	
	print_r($value);
	#print_r($value1);
}
class check{
	function checkArray($wert){
		echo gettype($wert);	
		return $wert;
	}
}
?>
<html><body><form action="test.php" method="POST">
		<input type="checkbox" name="value[]" value="A" /> A<br />
		<input type="checkbox" name="value[]" value="B" /> B<br />
		<input type="submit" name="submit" value="Test it">	
</form></body></html>

Expected result:
----------------
for instance array(0 => "A");

Actual result:
--------------
version 0.9.4:
array(0 => "A")
version 0.10.0:
empty string

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-10-28 03:50 UTC] michel at tourwerk dot de 
summary corrected
 [2006-10-28 06:56 UTC] pierre dot php at gmail dot com 
Please try again using current CVS (or php 5.2.0RC). The functions have changed and a couple of annoying bugs have been fixed, the php manual is now updated (http://www.php.net/filter).
 [2006-10-28 07:46 UTC] michel at tourwerk dot de 
cvs version shows the same expected result as 0.9.4 (after updating the methods to the new names)
But gettype of value in callback method is furthermore string instead of array, so type check fails again.

but this cvs version breaks direct dependency of UserInput component of ezComponents
 
see: http://issues.ez.no/IssueView.php?Id=9289&activeItem=1
 [2006-10-28 08:01 UTC] derick@php.net 
Yes it does break the UserInput, it will be addressed in the next version of it.
 [2006-10-28 08:07 UTC] pierre dot php at gmail dot com 
The problem was not a change in the behavior but a bug in the callback implementation. When you return the variable without changing it, it fails (use debug mode to see the internals error message).

I do not use eZ, but this extension is beta, there is a warning about the experimental API in the manaual. It is unlikely that we will change it again but the risk exists.

As far as I remember eZ UserInput wraps filter if it is available and provides a different API (OO and type oriented instead of procedural and variables oriented), it is a joke to update the code to use the latest filter versions.

A propos, you may use the constants instead of  input_name_to_filter. And to test if there is POST, filter_has_var(INPUT_POST, 'submit').
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Thu Apr 18 23:01:27 2024 UTC