|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #8986 preg_replace: "$dd" pattern in replacement string treated as a backreference
Submitted: 2001-01-29 13:00 UTC Modified: 2001-01-29 17:25 UTC
From: gwh at acm dot org Assigned:
Status: Closed Package: PCRE related
PHP Version: 4.0.4pl1 OS: linux
Private report: No CVE-ID: None
View Add Comment Developer Edit
Anyone can comment on a bug. Have a simpler test case? Does it work for you on a different platform? Let us know!
Just going to say 'Me too!'? Don't clutter the database with that please !
Your email address:
Solve the problem:
6 + 11 = ?
Subscribe to this entry?

 [2001-01-29 13:00 UTC] gwh at acm dot org
In php_pcre.c line 630, the dollar sign '$' is also used as in indicator for a backreference, which is undocumented. This breaks any replacement string that contains the "$dd" pattern where "dd" are numerical digits. For example:

$test = "hello there";
$output = preg_replace("/hello/","$10.00",$test);
print $output;

results in the output:

.00 there

The "$10" is taken as a back reference and resolves to NULL leaving the ".00". 

In my application, I need to merge user generated text that may contain dollar signs. I am using preg_replace and doing multiple keyword,value substitutions using arrays.

My only workaround right now is to perform a preliminary preg_replace and insert a space after each dollar sign.


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2001-01-29 13:05 UTC] gwh at acm dot org
By the way, no variable replacement is taking place with the "$10.00". It fails if the script is:

$test = "hello there";
$output = preg_replace('/hello/','$10.00',$test);
print $output;

as well. The input that I am passing to the function is posted form data. Which contains valid text up to this function call, afterwhich the replaced text exhibits the problem described above.

 [2001-01-29 17:25 UTC]
This is documented in the online manual. Please use \\ in front of $ to escape it (latest CVS).
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Thu Oct 28 05:03:34 2021 UTC