ID: 13520 Updated by: jeroen Reported By: [EMAIL PROTECTED] Status: Bogus Bug Type: Output Control Operating System: PHP Version: 4.0.6 New Comment:
And you're mixing up a PHP enviroment and a HTML enviroment. They both have their own rules for escaping. See the HTML specs for how HTML handles things Previous Comments: ------------------------------------------------------------------------ [2001-10-02 16:24:25] [EMAIL PROTECTED] This is not a bug. There is a configuration setting that controls this behavior. Review the configuration section of the manual (http://www.php.net/manual/en/configuration.php) Specifically, read the entries on them magic_quotes directives. ------------------------------------------------------------------------ [2001-10-02 16:06:41] [EMAIL PROTECTED] In a html: <a href="test.php?str=some'thing">test</a> And the test.php: <? echo $str; ?> I used the win32 binary version of the php. In the link I put the "some'thing" into the str variable whivh will pass to the script if i click on the Testlink. I read in the manual the ' " \ are special character, and I must escape them with a \. Ok, I didn't used the \ before the ' in the something text, so I think the normal is that I get some error message... But no: thw script will output the "some\'thing" text... which are funy because if I put the $str into a database (with a mysql_query) it will contain the original text: some'thing. And if I use the \ in my link (like this: test.php?str=some\'thing) then the script will output the "some\\\'thing"... But I think it must output the "some'thing" because I used the \ before the '. So, could be this a bug? I think so... ------------------------------------------------------------------------ Edit this bug report at http://bugs.php.net/?id=13520&edit=1 -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
