PHP :: Bug #73639 :: parse_url fails when ? is present in the password section

Bug #73639	parse_url fails when ? is present in the password section
Submitted:	2016-12-02 01:47 UTC	Modified:	2016-12-03 00:04 UTC
From:	jazzerman+php at gmail dot com	Assigned:
Status:	Duplicate	Package:	*URL Functions
PHP Version:	5.6.28	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

[2016-12-02 01:47 UTC] jazzerman+php at gmail dot com

Description:
------------
---
From manual page: http://www.php.net/function.parse-url
---

I was using PHPActiveRecord and the framework utilizes parse_url to store the settings for DB connection. E.g.

$db_conn = 'mysql://db_username:zZ?Zmasdfj3459f8g7L0I$Ai5}OGe@localhost/db_name?charset=utf8';

print_r(parse_url($db_conn));

It was all working fine in all previous versions of PHP but with 5.6.28 for some reason it stopped parsing the string above. After testing I realized "?" in the password field causes the function to fail.

Please fix. Thanks!

Test script:
---------------
$db_conn = 'mysql://username:zZ?Zmasdfj3459f8g7L0I$Ai5}OGe@localhost/db_name?charset=utf8';

print_r(parse_url($db_conn));

Expected result:
----------------
Array
(
    [scheme] => mysql
    [host] => localhost
    [user] => username
    [pass] => zZ?Zmasdfj3459f8g7L0I$Ai5}OGe
    [path] => /db_name
    [query] => charset=utf8
)

Actual result:
--------------
bool(false)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2016-12-02 01:54 UTC] requinix@php.net

-Status: Open +Status: Duplicate

[2016-12-02 01:54 UTC] requinix@php.net

Characters like ? are not allowed in the userinfo portion of URLs, and PHP accepting them in the past was incorrect behavior. You need to urlencode() the password.

See also bug #73500

[2016-12-02 18:01 UTC] jazzerman+php at gmail dot com

-Status: Duplicate +Status: Closed

[2016-12-02 18:01 UTC] jazzerman+php at gmail dot com

Got it! I just removed that ? form the password - that fixed the issue. 

It works fine in my local development but on the production machine it was failing due to PHP version being newer. 

Thanks for your reply!

[2016-12-03 00:04 UTC] requinix@php.net

-Status: Closed +Status: Duplicate

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Tue Apr 01 19:01:31 2025 UTC