From:             [EMAIL PROTECTED]
Operating system: Windows 2K Server / IIS5
PHP version:      4.1.2
PHP Bug Type:     Strings related
Bug description:  Strtok in 4.1.2 parses differently from 4.0.6

(I'm not a PHP expert, so please be patient! :)

I'm crudely checking user login details to authenticate users on my
homepage. It's not great but it's been working in PHP4.0.6 for months.
After upgrading to 4.1.2 this script no longer works. Reinstalling 4.0.6
fixes the problem.

My stored string of user/password pairs:
============================
   $userlist = "+name1>password1+name2>password2+name3....";
============================

$uname and $upass are POSTed to a script, and the following code is part
of a function called to check that the user/password pair exists within
$userlist.

Assume user enters their username "name2".

I validate the username in PHP4.0.6 with:
============================
   $userfound = strstr($userlist, "+".$uname.">" );
   // Correctly gives me $userfound == "+name2>password2+name3...."
   if ($userfound)
   { // username found; get password
     $delims = "+>";
     strtok($userfound, $delims); // extract the user/password pair
     $storedname = strtok($delims);
     $storedpass = strtok($delims);
============================

...and in PHP4.0.6 I get (as you might expect) $storedname == "name2" and
$storedpass == "password2".

However, after upgrading to 4.1.2 (and everything else staying the same)
my parsed strings become $storedname == "password2" and $storedpass ==
"name3". It doesn't matter whether there's additional text before the
first delimiting "+".

I'm stumped! It looks like a bug to me, and I've searched the bug list for
other strtok bugs, but none is the same as this.
Cheers,
Ben Harvey
-- 
Edit bug report at http://bugs.php.net/?id=16123&edit=1
-- 
Fixed in CVS:        http://bugs.php.net/fix.php?id=16123&r=fixedcvs
Fixed in release:    http://bugs.php.net/fix.php?id=16123&r=alreadyfixed
Need backtrace:      http://bugs.php.net/fix.php?id=16123&r=needtrace
Try newer version:   http://bugs.php.net/fix.php?id=16123&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=16123&r=support
Expected behavior:   http://bugs.php.net/fix.php?id=16123&r=notwrong
Not enough info:     http://bugs.php.net/fix.php?id=16123&r=notenoughinfo
Submitted twice:     http://bugs.php.net/fix.php?id=16123&r=submittedtwice

Reply via email to