php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #73754 parse_url returns false if # in password
Submitted: 2016-12-15 20:47 UTC Modified: 2016-12-16 00:23 UTC
Votes:1
Avg. Score:5.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: byron at raventools dot com Assigned:
Status: Not a bug Package: URL related
PHP Version: 5.6.29 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
 [2016-12-15 20:47 UTC] byron at raventools dot com 
Description:
------------
parse_url seems to break urls with # in password. In our case it caused ActiveRecord to start failing to connect to our mysql server who's password had a # in it. eg mysql://foo:ba#r@mysqlserver.internal:3306/mydb;charset=utf8

Test script:
---------------
<?php
var_dump(parse_url("mysql://foo:ba#r@mysqlserver.internal:3306/mydb;charset=utf8"));

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2016-12-15 20:48 UTC] byron at raventools dot com 
I think this is related to https://bugs.php.net/bug.php?id=73192
 [2016-12-15 22:09 UTC] fernando at null-life dot com 
You must urlencode the # now, %23 

You should have encoded it since the beginning, there's a duplicate of this issue marked as wontfix
 [2016-12-16 00:23 UTC] yohgaki@php.net
-Status: Open +Status: Not a bug
 [2016-12-16 00:23 UTC] yohgaki@php.net 
The URL(URI) is invalid. i.e. user/pass must be URL encoded
There are other chars that must be encoded, too. e.g. ' '(space), /, :,etc
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Fri Oct 24 18:00:01 2025 UTC