#20098 [Opn->Csd]: POSTed variables are urldecoded twice

sniper Fri, 25 Oct 2002 13:14:20 -0700

 ID:               20098
 Updated by:       [EMAIL PROTECTED]
 Reported By:      [EMAIL PROTECTED]
-Status:           Open
+Status:           Closed
 Bug Type:         Scripting Engine problem
 Operating System: FreeBSD 4.7-RELEASE
 PHP Version:      4.2.3
 New Comment:


This bug has been fixed in CVS.

In case this was a PHP problem, snapshots of the sources are packaged
every three hours; this change will be in the next snapshot. You can
grab the snapshot at http://snaps.php.net/.
 
In case this was a documentation problem, the fix will show up soon at
http://www.php.net/manual/.

In case this was a PHP.net website problem, the change will show
up on the PHP.net site and on the mirror sites in short time.
 
Thank you for the report, and for helping us make PHP better.


Previous Comments:
------------------------------------------------------------------------

[2002-10-25 15:09:11] [EMAIL PROTECTED]

If you type a '+' in a field it get's converted to
'%2B' before sent to the server. php urldecodes it
twice: '%2B' -> '+' -> ' '.

The problem is in the file:

ext/mbstring/mbstring.c: lines 1033-1045:
val = strchr(var, '=');
        val_list[n] = var;
        len_list[n] = php_url_decode(var, strlen(var));
        n++;
        if (val) { /* have a value */
            *val++ = '\0';
            val_list[n] = val;
            len_list[n] = php_url_decode(val, strlen(val));
        } else {
            val_list[n] = "";
            len_list[n] = 0;
        }

A possible bugfix is:
==== BEGIN diff ===========================================
*** ext/mbstring/mbstring.c.ORIG        Thu Aug  1 07:47:56 2002
--- ext/mbstring/mbstring.c     Fri Oct 25 21:36:40 2002
***************
*** 1032,1041 ****
        while (var)  {
                val = strchr(var, '=');
                val_list[n] = var;
                len_list[n] = php_url_decode(var, strlen(var));
                n++;
                if (val) { /* have a value */
-                       *val++ = '\0';
                        val_list[n] = val;
                        len_list[n] = php_url_decode(val,
strlen(val));
                } else {
--- 1032,1042 ----
        while (var)  {
                val = strchr(var, '=');
                val_list[n] = var;
+               if (val)
+                       *val++ = '\0';
                len_list[n] = php_url_decode(var, strlen(var));
                n++;
                if (val) { /* have a value */
                        val_list[n] = val;
                        len_list[n] = php_url_decode(val,
strlen(val));
                } else {
============================================================



------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=20098&edit=1

#20098 [Opn->Csd]: POSTed variables are urldecoded twice

Reply via email to