php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #6610 HTMLSpecialChars parse error
Submitted: 2000-09-07 13:13 UTC Modified: 2000-09-07 13:17 UTC
From: gberenfield at berenfield dot com Assigned:
Status: Closed Package: *XML functions
PHP Version: 4.0.2 OS: Redhat Linux 6.2
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: gberenfield at berenfield dot com
New email:
PHP Version: OS:

 

 [2000-09-07 13:13 UTC] gberenfield at berenfield dot com 
I've verified the following problem (at least it was for me!) in 4.0.2 with HTMLSpecialChars():

If parsing a string that contains a single-quote character (the ' character), it now translates it to ' which broke a few pages I wrote using ODBCSocketServer.

e.g. 

$sql3="select imitmidx_sql.item_no from imitmidx_sql where (imitmidx_sql.mat_cost_type='DRM') and (imitmidx_sql.item_no>='".$specno."') and (imitmidx_sql.item_no<'".$ends."')";
echo (HTMLSpecialChars($sql3)."\n<P>");

This spits out:

select imitmidx_sql.item_no from imitmidx_sql where (imitmidx_sql.mat_cost_type=&#039;DRM&#039;) and (imitmidx_sql.item_no&gt;=&#039;&#039;) and (imitmidx_sql.item_no&lt;&#039;&#039;)
<P>

To the web browser (raw HTML format).  

Again, this may not be a bug and is actually a fix of the HTMLSpecialChars function but it's breaking SQL calls via ODBCSocketServer 0.92.

-Greg

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2000-09-07 13:17 UTC] rasmus@php.net 
Fixed in CVS
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Tue Apr 23 19:01:31 2024 UTC