php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #57324 0.10.0 didn't filter arrays (unsafe_raw/callback)
Submitted: 2006-10-27 03:59 UTC Modified: 2006-10-28 08:07 UTC
From: michel at tourwerk dot de Assigned: pajoye (profile)
Status: Not a bug Package: filter (PECL)
PHP Version: 5.1.6 OS: Ubuntu 6.06
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: michel at tourwerk dot de
New email:
PHP Version: OS:

 

 [2006-10-27 03:59 UTC] michel at tourwerk dot de
Description:
------------
After updating filter extension from version 0.9.4 to 0.10.0 multi-value POST-Variables aren't filter as array, which does former version correctly.

With version 0.10.0 and filter type "unsafe_raw" I've got nothing back, with 0.9.4 I've got the current result back

With version 0.10.0 and filter type "callback" I've got nothing back, with 0.9.4 I've got the current result back, but both versions show me, that type of value in callback is string

Reproduce code:
---------------
<?php
if ($_POST){
	$value = input_get( INPUT_POST, "value", input_name_to_filter( "callback" ),array("check","checkArray") );	
	#$value1 = input_get( INPUT_POST, "value", input_name_to_filter( "unsafe_raw"));	
	print_r($value);
	#print_r($value1);
}
class check{
	function checkArray($wert){
		echo gettype($wert);	
		return $wert;
	}
}
?>
<html><body><form action="test.php" method="POST">
		<input type="checkbox" name="value[]" value="A" /> A<br />
		<input type="checkbox" name="value[]" value="B" /> B<br />
		<input type="submit" name="submit" value="Test it">	
</form></body></html>

Expected result:
----------------
for instance array(0 => "A");

Actual result:
--------------
version 0.9.4:
array(0 => "A")
version 0.10.0:
empty string


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2006-10-28 03:50 UTC] michel at tourwerk dot de
summary corrected
 [2006-10-28 06:56 UTC] pierre dot php at gmail dot com
Please try again using current CVS (or php 5.2.0RC). The functions have changed and a couple of annoying bugs have been fixed, the php manual is now updated (http://www.php.net/filter).
 [2006-10-28 07:46 UTC] michel at tourwerk dot de
cvs version shows the same expected result as 0.9.4 (after updating the methods to the new names)
But gettype of value in callback method is furthermore string instead of array, so type check fails again.

but this cvs version breaks direct dependency of UserInput component of ezComponents
 
see: http://issues.ez.no/IssueView.php?Id=9289&activeItem=1
 [2006-10-28 08:01 UTC] derick@php.net
Yes it does break the UserInput, it will be addressed in the next version of it.
 [2006-10-28 08:07 UTC] pierre dot php at gmail dot com
The problem was not a change in the behavior but a bug in the callback implementation. When you return the variable without changing it, it fails (use debug mode to see the internals error message).

I do not use eZ, but this extension is beta, there is a warning about the experimental API in the manaual. It is unlikely that we will change it again but the risk exists.

As far as I remember eZ UserInput wraps filter if it is available and provides a different API (OO and type oriented instead of procedural and variables oriented), it is a joke to update the code to use the latest filter versions.

A propos, you may use the constants instead of  input_name_to_filter. And to test if there is POST, filter_has_var(INPUT_POST, 'submit').
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 17:01:29 2024 UTC