|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #6610 HTMLSpecialChars parse error
Submitted: 2000-09-07 13:13 UTC Modified: 2000-09-07 13:17 UTC
From: gberenfield at berenfield dot com Assigned:
Status: Closed Package: *XML functions
PHP Version: 4.0.2 OS: Redhat Linux 6.2
Private report: No CVE-ID: None
 [2000-09-07 13:13 UTC] gberenfield at berenfield dot com
I've verified the following problem (at least it was for me!) in 4.0.2 with HTMLSpecialChars():

If parsing a string that contains a single-quote character (the ' character), it now translates it to ' which broke a few pages I wrote using ODBCSocketServer.


$sql3="select imitmidx_sql.item_no from imitmidx_sql where (imitmidx_sql.mat_cost_type='DRM') and (imitmidx_sql.item_no>='".$specno."') and (imitmidx_sql.item_no<'".$ends."')";
echo (HTMLSpecialChars($sql3)."\n<P>");

This spits out:

select imitmidx_sql.item_no from imitmidx_sql where (imitmidx_sql.mat_cost_type=&#039;DRM&#039;) and (imitmidx_sql.item_no&gt;=&#039;&#039;) and (imitmidx_sql.item_no&lt;&#039;&#039;)

To the web browser (raw HTML format).  

Again, this may not be a bug and is actually a fix of the HTMLSpecialChars function but it's breaking SQL calls via ODBCSocketServer 0.92.



Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2000-09-07 13:17 UTC]
Fixed in CVS
PHP Copyright © 2001-2023 The PHP Group
All rights reserved.
Last updated: Mon May 29 10:03:44 2023 UTC