Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:4315
Return-Path: <jsjohnst@altdns.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 25020 invoked by uid 1010); 31 Aug 2003 11:29:47 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 24996 invoked from network); 31 Aug 2003 11:29:47 -0000
Received: from unknown (HELO mail.rocketservers.net) (64.246.52.103)
  by pb1.pair.com with SMTP; 31 Aug 2003 11:29:47 -0000
Received: (qmail 17159 invoked from network); 31 Aug 2003 11:31:16 -0000
Received: from unknown (HELO localhost) (127.0.0.1)
  by localhost with SMTP; 31 Aug 2003 11:31:16 -0000
To: Ken Tossell <ken@tossell.net>
Cc: PHP-Internals <internals@lists.php.net>
In-Reply-To: <3F510F77.5030201@tossell.net>
References: <1062302408.2724.33.camel@localhost>
	 <3F510F77.5030201@tossell.net>
Content-Type: text/plain
Message-ID: <1062329385.555.0.camel@localhost>
Mime-Version: 1.0
X-Mailer: Ximian Evolution 1.4.0 
Date: 31 Aug 2003 06:29:45 -0500
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] Looking for comments whether this is a bug or not
From: jsjohnst@altdns.net (Jeremy Johnstone)

The actual value of those variables are pulled in from other sources,
they are not actually hard coded like I showed below. It was simply for
illustration purposes.

Jeremy

On Sat, 2003-08-30 at 15:56, Ken Tossell wrote:
> Your string assignments look wrong. For example, "\t" is a tab 
> character. Try your test cases with 'This is a test email. Testing 
> c:\test\foo.exe'; that should give you a proper string.
> 
> Ken
> 
> Jeremy Johnstone wrote:
> 
> >I am not sure if this is a bug, but I have came across two test cases
> >where the behavior is not as expected so I thought I would ask.
> >
> >The problem I am having seems to be with addslashes not properly
> >escaping this type of string "C:\test\foo.exe". Here is the scenario:
> >
> >$email->body = "This is a test email. Testing c:\test\foo.exe";
> >
> >When the $email object is later broke down and stored in the database
> >addslashes is done (as it should be) before the variable is stored. 
> >
> >If you check the database though, no slashes were added to the string.
> >The only way I can seem to get it to work as I thought it should, is to
> >do the following:
> >
> >addslashes(str_replace("\\", "\\\\", $body))
> >
> >Then when you check the database you see the proper "This is a test
> >email. Testing c:\\test\\foo.exe". 
> >
> >The other example I have is with an object which looks similar to:
> >
> >class login_handler 
> >{
> >
> >	var last_ticket_subject;
> >
> >        // ... (code truncated)
> >
> >}
> >
> >If I set the class's last_ticket_subject to "This is a test
> >c:\test\foo.com" later in the code, then do the following:
> >
> >addslashes(serialize($login_handler))
> >
> >and check the database, once again it didn't add any slashes. The only
> >way I can get it to add the slashes as I think it should, is to do the
> >following:
> >
> >addslashes(str_replace("\\", "\\\\", serialize($login_handler)))
> >
> >I am doing something wrong (or did I misunderstand something) or is this
> >in fact a bug? I have tested it on PHP 4.2, 4.3.2, and 4.3.3 and the
> >behavior is exactly the same. If it isn't a bug, can someone clarify for
> >me why addslashes would be designed this way?
> >
> >Jeremy Johnstone
> >
> >
> >
> >
> >  
> >