ID: 42718 Updated by: [EMAIL PROTECTED] Reported By: arnaud dot lb at gmail dot com Status: Open Bug Type: Filter related Operating System: * PHP Version: 5CVS-2008-11-01 -Assigned To: lbarnaud +Assigned To: pajoye New Comment:
ooch. I did not catch in this bug before, but there is a major misunderstanding in the first comment. "The unsafe_raw filter does nothing by default, but it can "optionally strip or encode special characters", and it is the only filter which is able to do that without doing any other filtering." That's wrong. UNSAFE_RAW, the key word here is RAW. It means that the data is returned unfiltered, without flag, nothing, nada. If this behavior has been changed then please revert it. I did not check if it is present in 5.2.7 (it seems to be, as said in this report or another), that may require a quick fix release (Ilia?). Previous Comments: ------------------------------------------------------------------------ [2008-12-06 17:52:37] [EMAIL PROTECTED] All my apologizes for this broken fix. A quick workaround for 5.2.7 users is to add the following in the php.ini: filter.default_flags=0 Scott has reverted this and this bug is not present in CVS. ------------------------------------------------------------------------ [2008-12-06 17:32:55] [EMAIL PROTECTED] This is a proposed fix for this bug that will keep old behavior. Another fix could be simply to test IF_G(default_filter_flags) against FILTER_FLAG_NO_ENCODE_QUOTES instead of 0. http://ookoo.org/svn/snip/php_5_2-broken_filter_and_magic_quotes.patch ------------------------------------------------------------------------ [2008-12-06 17:18:40] [EMAIL PROTECTED] Reopening, this patch broke magic_quotes_gpc and has been backed out. ------------------------------------------------------------------------ [2008-11-02 22:07:23] [EMAIL PROTECTED] This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. ------------------------------------------------------------------------ [2008-11-02 13:06:39] [EMAIL PROTECTED] Arnaud, fix it yourself. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/42718 -- Edit this bug report at http://bugs.php.net/?id=42718&edit=1
