php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #9238 strpos() cannot indicate success when matching char is first
Submitted: 2001-02-13 07:39 UTC Modified: 2001-02-13 14:08 UTC
From: phpbug at paypc dot com Assigned:
Status: Closed Package: Strings related
PHP Version: 4.0.3pl1 OS: Linux 2.2.17+openwall
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: phpbug at paypc dot com
New email:
PHP Version: OS:

 

 [2001-02-13 07:39 UTC] phpbug at paypc dot com
Sample script:

(Note, this will never report SSL even when $SSL_PROTOCOL=SSLv3 or TLSv1)

<?php
echo $SSL_PROTOCOL;
echo "<BR>Your connection method is: ";

if ( (strpos($SSL_PROTOCOL,"SSL")) || (strpos($SSL_PROTOCOL,"TLS")) )
{
        echo "SSL!";
}
else
{
        echo "non-SSL!";
}
?>

The documentation says strpos() returns FALSE if no match.  But what about a match on the first character (index 0)?  Seems like the index returned should have been 1-based instead.

The routine is flawless when the code is rewritten thusly:

<?php
echo $SSL_PROTOCOL;
echo "<BR>Your connection method is: ";

if ( (strpos($SSL_PROTOCOL,"SL")) || (strpos($SSL_PROTOCOL,"LS")) )
{
        echo "SSL!";
}
else
{
        echo "non-SSL!";
}
?>

configuration line for PHP4 build:

Command './configure' '--with-mhash=/usr/local' '--with-mcrypt=/usr/local' '--with-mysql=/usr/local' '--enable-trans-sid' '--with-mm=/usr/local' '--enable-memory-limit' '--with-zlib' '--enable-inline-optimization' '--with-imap=/usr/local' '--with-imap-ssl' '--with-gmp' '--with-gd' '--with-cpdflib' '--with-pdflib' '--with-tiff-dir' '--with-jpeg-dir' '--with-png-dir' '--enable-track-vars' '--enable-bcmath' '--enable-calendar' '--with-db3' '--enable-ftp' '--enable-shmop' '--enable-sockets' '--enable-sysvsem' '--enable-sysvshm' '--with-apache=../apache_1.3.14' 

OpenSSL 0.9.6, mod_ssl/2.7.1

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-02-13 12:48 UTC] cynic@php.net
all you need is
if( false !== strpos($SSL_PROTOCOL,"SSL")) || false !== (strpos($SSL_PROTOCOL,"TLS")) )

 [2001-02-13 14:08 UTC] phpbug at paypc dot com
Thank you.  I would recommend making a minor point in the documentation to clarify the requirement of checking against false (or != false) explicitly.  I imagine many people would be bitten by this little gotcha, particularly when coming from C backgrounds where if !() is used for if () == false.

Thanks for the swift response.  Your suggested work-around works just fine.

=Rob=

 
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Mon Jul 22 11:01:25 2019 UTC