Bug #52962 [Opn->Bgs]: preg_replace should allow all special characters to be escaped

Thu, 30 Sep 2010 18:16:03 -0700 

Edit report at http://bugs.php.net/bug.php?id=52962&edit=1

 ID:                 52962
 Updated by:         cataphr...@php.net
 Reported by:        rewilliams at crystaltech dot com
 Summary:            preg_replace should allow all special characters to
                     be escaped
-Status:             Open
+Status:             Bogus
 Type:               Bug
 Package:            PCRE related
 Operating System:   Mac OS X 10.6
 PHP Version:        5.3.3
 Block user comment: N

 New Comment:

This doesn't make sense. The replacement string is not a regular
expression, the only characters with special meaning are \ and $ because
they introduce the placeholders. In your solution, you would just be
forced to escape characters that don't need escaping at all.



In any case, definitely not a bug.


Previous Comments:
------------------------------------------------------------------------
[2010-10-01 02:49:35] rewilliams at crystaltech dot com

Description:
------------
One can use preg_quote() to prep a string for use as the search string
with 

preg_replace() and family. However, 

attempting to pass a string escaped by preg_quote() into preg_replace()
as the 

replacement string does not work 

because all PCRE-special characters (such as '+') are escaped, but only
'$' and 

'\' are unescaped by preg_replace(). 

IOW, this:



        $result = preg_replace("/bar/", '\\\\BAR\$\+', 'foo bar baz');



yields:



        foo \BAR$\+ baz



preg_replace() should treat all escaped characters equally so that one
can 

simply call preg_quote() and be done with 

it. As it is now, one must do something like this:



        $safeReplacementString = str_replace(array('\\', '$'), array('\\\\', 

'\\$'), $replacementString);



to avoid problems. Not is that an ugly solution, but I strongly suspect
that 

most code out there doesn't do it.

Expected result:
----------------
The preg_replace() family of functions should accept any escaped PCRE
special 

character sequence in the replacement text and treat it like the literal


equivalent. Thus, '\+' should be treated as the literal '+'.

Actual result:
--------------
Presently, the preg_replace() family of functions only accept escaped
sequences 

for '\' and '$'. If other PCRE-special characters, such as '+' or '*',
are passed 

into the replacement string, the escape sequences (e.g., '/+') are left
intact in 

the output result.


------------------------------------------------------------------------



-- 
Edit this bug report at http://bugs.php.net/bug.php?id=52962&edit=1

Reply via email to