PHP :: Bug #6878 :: urldecode() treats incoming %27's incorrectly

Bug #6878	urldecode() treats incoming %27's incorrectly
Submitted:	2000-09-25 11:12 UTC	Modified:	2000-09-25 19:06 UTC
From:	philnmarie at mail dot com	Assigned:
Status:	Closed	Package:	Strings related
PHP Version:	4.0.2	OS:	Linux 2.4.0-test4 (RH 6.2)
Private report:	No	CVE-ID:	None

View Developer Edit

[2000-09-25 11:12 UTC] philnmarie at mail dot com

When a perl script passes variables on the url in a "Location:" header, any %27s (apostrophes) are returned as \' (backslash apost).  However, when doing a urldecode(urlencode("test'ing")), "test'ing" is returned.  I kluged it with "$title = preg_replace("/\\\'/","'",urldecode($title))" for now.  I've verified that the perl script is requesting "somescript.php?title=test%27ing" in the browser location bar, too.
I've seen the other reports of something similar to this (#1765, mainly), but it did not seem to address 'incoming' variables, just ones generated from other PHP scripts.
The files that this is happening with are not done well at all right now (UGLY!), but if they would be of use, please let me know.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2000-09-25 19:06 UTC] stas@php.net

Try to turn off magic_quotes. If this doesn't help, please repoen with a reproducing code.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Mon Nov 03 02:00:02 2025 UTC