|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2015-07-10 15:01 UTC] cmb@php.net
-Status: Open
+Status: Verified
-Operating System: Ubuntu
+Operating System: *
[2015-07-10 15:01 UTC] cmb@php.net
[2015-07-10 15:36 UTC] cmb@php.net
-Status: Verified
+Status: Not a bug
-Assigned To:
+Assigned To: cmb
[2015-07-10 15:36 UTC] cmb@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Mon Oct 27 17:00:01 2025 UTC |
Description: ------------ When running a basic query through the filter_var function using FILTER_SANITIZE_STRING and FILER_FLAG_NO_ENCODE_QUOTES a portion of my string is being stripped out that shouldn't be. Test script: --------------- $sql = "SELECT customer, kdaccount, expDateMonth, expDateYear, nameid FROM creditcard_main WHERE ((expDateYear = '2016' AND expDateMonth <= '01') OR (expDateYear >= '2015' AND expDateMonth >= '07')) AND cardStatus = '1' AND cardAuthorized = '1' ORDER BY kdaccount ASC LIMIT 0, 25"; $query = filter_var ($sql, FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);die; Expected result: ---------------- Should be identical to original string: $query = "SELECT customer, kdaccount, expDateMonth, expDateYear, nameid FROM creditcard_main WHERE ((expDateYear = '2016' AND expDateMonth <= '01') OR (expDateYear >= '2015' AND expDateMonth >= '07')) AND cardStatus = '1' AND cardAuthorized = '1' ORDER BY kdaccount ASC LIMIT 0, 25" Actual result: -------------- $query = "SELECT customer, kdaccount, expDateMonth, expDateYear, nameid FROM creditcard_main WHERE ((expDateYear = '2016' AND expDateMonth = '2015' AND expDateMonth >= '07')) AND cardStatus = '1' AND cardAuthorized = '1' ORDER BY kdaccount ASC LIMIT 0, 25"