From: slawek at truxe dot com Operating system: Windows 2003 Server PHP version: 4.3.11 PHP Bug Type: Strings related Bug description: strip_tags() strips everything after "<="
Description: ------------ // strip_tags() strips everything after "<=" // strings like >= not affected <? $anyvalue = 10 ; $sql_query = "select * from anytable where anycolumn <= '" . $anyvalue . "'"; //after that $sql_query = strip_tags($sql_query); ?> // result of print $sql_query; select * from anytable where anycolumn // should be select * from anytable where anycolumn <= '10' Reproduce code: --------------- // strip_tags() strips everything after "<=" // strings like >= not affected <? $anyvalue = 10 ; $sql_query = "select * from anytable where anycolumn <= '" . $anyvalue . "'"; //after that $sql_query = strip_tags($sql_query); print $sql_query; ?> Expected result: ---------------- select * from anytable where anycolumn <= '10' Actual result: -------------- select * from anytable where anycolumn -- Edit bug report at http://bugs.php.net/?id=33275&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=33275&r=trysnapshot4 Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=33275&r=trysnapshot50 Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=33275&r=trysnapshot51 Fixed in CVS: http://bugs.php.net/fix.php?id=33275&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=33275&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=33275&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=33275&r=needscript Try newer version: http://bugs.php.net/fix.php?id=33275&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=33275&r=support Expected behavior: http://bugs.php.net/fix.php?id=33275&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=33275&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=33275&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=33275&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=33275&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=33275&r=dst IIS Stability: http://bugs.php.net/fix.php?id=33275&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=33275&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=33275&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=33275&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=33275&r=mysqlcfg
