php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #6610 HTMLSpecialChars parse error
Submitted: 2000-09-07 13:13 UTC Modified: 2000-09-07 13:17 UTC
From: gberenfield at berenfield dot com Assigned:
Status: Closed Package: *XML functions
PHP Version: 4.0.2 OS: Redhat Linux 6.2
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: gberenfield at berenfield dot com
New email:
PHP Version: OS:

 

 [2000-09-07 13:13 UTC] gberenfield at berenfield dot com
I've verified the following problem (at least it was for me!) in 4.0.2 with HTMLSpecialChars():

If parsing a string that contains a single-quote character (the ' character), it now translates it to ' which broke a few pages I wrote using ODBCSocketServer.

e.g. 

$sql3="select imitmidx_sql.item_no from imitmidx_sql where (imitmidx_sql.mat_cost_type='DRM') and (imitmidx_sql.item_no>='".$specno."') and (imitmidx_sql.item_no<'".$ends."')";
echo (HTMLSpecialChars($sql3)."\n<P>");

This spits out:

select imitmidx_sql.item_no from imitmidx_sql where (imitmidx_sql.mat_cost_type=&#039;DRM&#039;) and (imitmidx_sql.item_no&gt;=&#039;&#039;) and (imitmidx_sql.item_no&lt;&#039;&#039;)
<P>

To the web browser (raw HTML format).  

Again, this may not be a bug and is actually a fix of the HTMLSpecialChars function but it's breaking SQL calls via ODBCSocketServer 0.92.

-Greg

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2000-09-07 13:17 UTC] rasmus@php.net
Fixed in CVS
 
PHP Copyright © 2001-2020 The PHP Group
All rights reserved.
Last updated: Fri Feb 21 00:01:27 2020 UTC