Mantis Bugtracker
  

Viewing Issue Advanced Details Jump to Notes ] View Simple ] Issue History ] Print ]
ID Category Severity Reproducibility Date Submitted Last Update
0001956 [Quercus] minor always 08-20-07 19:57 09-04-07 13:08
Reporter websurfer2 View Status public  
Assigned To nam
Priority normal Resolution fixed Platform
Status closed   OS
Projection none   OS Version
ETA none Fixed in Version 3.1.3 Product Version 3.1.3
  Product Build
Summary 0001956: Form field with quoted string is wrongly escaped
Description Quercus appears to not process quoted string from a http request correctly. When the submitted field is quoted such as ("test"), it will processed as (\"test\") in the $_REQUEST variable. While exactly the same script behaves normally in standard php engine.

Pasted are the html page used to submit the request and the php script show the processed request.

t.html // used to submit the request

<html>
  <head><title>test Page</title></head>
  <body>
  <h1> test</h1>
  <form method = post action="t.php">
    <input type =text name="QUERY" size=20>
    <input type=submit name="submit" value=submit>
  </form>
  </body>
</html>

t.php //used to show the request

<?php

    $query = $_REQUEST['QUERY'];
    echo $query;

?>
Steps To Reproduce
Additional Information
Attached Files

- Relationships

- Notes
(0002215)
bago
08-22-07 08:12

It could be a difference in magic quote configuration.
As an example drupal try to manually handle the various different configurations for PHP: http://www.php.net/manual/en/ref.info.php#ini.magic-quotes-gpc [^]

function _fix_gpc_magic(&$item) {
  if (is_array($item)) {
    array_walk($item, '_fix_gpc_magic');
  }
  else {
    $item = stripslashes($item);
  }
}

/**
 * Helper function to strip slashes from $_FILES skipping over the tmp_name keys
 * since PHP generates single backslashes for file paths on Windows systems.
 *
 * tmp_name does not have backslashes added see
 * http://php.net/manual/en/features.file-upload.php#42280 [^]
 */
function _fix_gpc_magic_files(&$item, $key) {
  if ($key != 'tmp_name') {
    if (is_array($item)) {
      array_walk($item, '_fix_gpc_magic_files');
    }
    else {
      $item = stripslashes($item);
    }
  }
}

/**
 * Correct double-escaping problems caused by "magic quotes" in some PHP
 * installations.
 */
function fix_gpc_magic() {
  static $fixed = FALSE;
  if (!$fixed && ini_get('magic_quotes_gpc')) {
    array_walk($_GET, '_fix_gpc_magic');
    array_walk($_POST, '_fix_gpc_magic');
    array_walk($_COOKIE, '_fix_gpc_magic');
    array_walk($_REQUEST, '_fix_gpc_magic');
    array_walk($_FILES, '_fix_gpc_magic_files');
    $fixed = TRUE;
  }
}
 
(0002262)
nam
09-04-07 13:08

php/0878

The default configuration for magic_quotes_gpc was ON. This means that quotes will be escaped in $_POST, $_GET, and $_COOKIES.

In the default php.ini, PHP5 has magic_quotes_gpc ON. But since PHP6 will be removing magic_quotes support altogether, Quercus will now have magic_quotes_gpc OFF by default.
 

- Issue History
Date Modified Username Field Change
08-20-07 19:57 websurfer2 New Issue
08-22-07 08:12 bago Note Added: 0002215
09-04-07 13:06 nam Status new => assigned
09-04-07 13:06 nam Assigned To  => nam
09-04-07 13:08 nam Status assigned => closed
09-04-07 13:08 nam Note Added: 0002262
09-04-07 13:08 nam Resolution open => fixed
09-04-07 13:08 nam Fixed in Version  => 3.1.3


Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
32 total queries executed.
28 unique queries executed.
Powered by Mantis Bugtracker