ID: 49444
User updated by: hafizanil at gmail dot com
Reported By: hafizanil at gmail dot com
Status: Bogus
Bug Type: Scripting Engine problem
Operating System: Windows XP
PHP Version: 5.3.0
New Comment:
The solution I tried is to split the string in JS first
[code]
to_array = to.split("<");
[/code]
Then send it back to PHP as a reference. The bug is still considered a bug.
E.g. again:
address bar : test.php?mail=admin (sit: mr chang n mr sairi n mr pzan)
<[email protected]>
[code]
<?php
echo "<pre>";
echo print_r($_GET);
echo "</pre>";
?>
[/code]
Output
Array
(
[mail] => admin (sit: mr chang n mr sairi n mr pzan)
)
1
Image: http://img512.imageshack.us/img512/9974/bugso.jpg
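Why the `<...>` part of the value seems to disappear, as an added example that is not part of the original report: the dump is written into an HTML page unescaped, so the browser parses `<...>` as a tag, while the value in `$_GET` is intact. The address `user@example.test` is a constructed placeholder, and the helper names `dump_raw` and `dump_escaped` are hypothetical.

```php
<?php
// Constructed sample value; the address is a placeholder, not the one from the report.
$mail = "admin (sit: mr chang n mr sairi n mr pzan)\n<user@example.test>,";

// Percent-encode the value the way it should travel in the URL.
$query = http_build_query(array('mail' => $mail));

// Decode the query string the same way PHP populates $_GET.
parse_str($query, $get);

// Compare the decoded value with the original: nothing is lost in transit.
var_dump($get['mail'] === $mail);
var_dump(strlen($get['mail']));

// Unsafe: the dump goes into the HTML response as-is, so "<user@example.test>"
// is parsed by the browser as an unknown element and is not rendered.
// Any markup in a request parameter would be interpreted the same way.
function dump_raw(array $data)
{
    return "<pre>" . print_r($data, true) . "</pre>";
}

// Safe: HTML-encode the dump before it is placed in the page, so "<" and ">"
// are sent as &lt; and &gt; and the full value is displayed as text.
function dump_escaped(array $data)
{
    $text = print_r($data, true); // second argument: return the dump instead of printing it
    return "<pre>" . htmlspecialchars($text, ENT_QUOTES, 'UTF-8') . "</pre>";
}

echo $query, "\n";
echo dump_raw($get), "\n";
echo dump_escaped($get), "\n";
```

Run from the command line, both dumps contain the full value; only in a browser does the raw one appear truncated, and the page source still shows the complete string.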
Previous Comments:
------------------------------------------------------------------------
[2009-09-03 11:13:37] [email protected]
JS treats literal new lines as delimiter.
------------------------------------------------------------------------
[2009-09-03 09:39:20] [email protected]
Not enough information was provided for us to be able
to handle this bug. Please re-read the instructions at
http://bugs.php.net/how-to-report.php
If you can provide more information, feel free to add it
to this bug and change the status back to "Open".
Thank you for your interest in PHP.
------------------------------------------------------------------------
[2009-09-03 01:16:15] hafizanil at gmail dot com
Javascript (Page 1)
<script language="javascript">
function sentMail() {
var url;
var to;
url = 'ml_compose_com.php?';
document.form.title.value='admin (sit: mr chang n mr sairi n mr
pzan)
<[email protected]>,';
title = escape(document.form.title.value);
if(title) { url= url+'&title='+ title; }
location = url+"&sent_mail=1";
}
</script>
Page 2 (ml_compose_com.php)
<?php
echo "<pre>".print_r($_GET)."</pre>";
var_dump($_GET);
?>
------------------------------------------------------------------------
[2009-09-02 19:11:27] [email protected]
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external
resources such as databases, etc. If the script requires a
database to demonstrate the issue, please make sure it creates
all necessary tables, stored procedures etc.
Please avoid embedding huge scripts into the report.
------------------------------------------------------------------------
[2009-09-02 16:07:28] hafizanil at gmail dot com
Description:
------------
I want to send a variable via JavaScript via the $_GET method, and the
output goes haywire. The variable sent has also been escaped first
(JavaScript). Tested using 5.29 and 5.3
Browsers:
1. Internet Explorer 7
2. Firefox 3.52
3. Opera 10
Reproduce code:
---------------
This is tested on 5.29
[code]
$_GET['to']="admin (sit: mr chang n mr sairi n mr pzan)
<[email protected]>,";
echo strlen($_GET['to']);
// output: 63
var_dump($_GET);
// output only showing admin (sit: mr chang n mr sairi n mr pzan)
[/code]
This is tested on 5.30
[code]
$_GET['to']="admin (sit: mr chang n mr sairi n mr pzan)
<[email protected]>,";
echo strlen($_GET['to']);
// output: 63
var_dump($_GET);
// output: page goes crazy, shows all the PHP source
[/code]
Expected result:
----------------
var_dump or print_r of the $_GET array should understand a variable which
might contain "<>".
Actual result:
--------------
On 5.3 it shows all the PHP source.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=49444&edit=1