Bug #15711: addslashes does not always add slashes

Mon, 25 Feb 2002 03:46:15 -0800 

From:             [EMAIL PROTECTED]
Operating system: Linux
PHP version:      4.0.6
PHP Bug Type:     Unknown/Other Function
Bug description:  addslashes does not always add slashes

I've added verbose reports in case this report is influences by addslashes
as well.

the following simple test:
<?php
    echo addslashes("' \' \\' \\\'\n");
    echo stripslashes(addslashes("' \' \\' \\\'\n"));
?>

(i.e.: quote, slash quote, double slash quote, triple slash quote) is
expected to yield (escape each slash and each quote):
\' \\\' \\\\\' \\\\\\\'
' \' \\' \\\'

(ie addslashes should yield slash quote, triple slash quote, five times
slash quote, seven times slash quote, stripslashes should yield quote,
slash quote, double slash quote, triple slash quote).

Instead, addslashes does not appear to quote properly and this is what I
get:
\' \\\' \\\' \\\\\'
' \' \' \\'

(addslashes: slash quote, triple slash quote, triple slash quote, five
times slash quote. stripslashes on this output: quote, slash quote, slash
quote, double slash quote).

Obviously, this makes addslashes kind-of useless if you get escaped input.
Yes, my database queries will not fail and that would be the primary use
of addslashes.

It appears that the escaped quote of the second and third combination
(double slash quote and triple slash quote) is not translated to the
expected triple slash quote (i.e. an escaped slash plus an escaped
quote).

Here's the configure line if it is of any use:
'./configure' '--with-apache=../apache' '--with-mysql=/usr'
'--with-openssl' '--with-zlib' '--enable-debug=no' '--enable-safe-mode=no'
'--enable-discard-path=no' '--with-gd' '--with-ttf'
'--enable-gd-imgstrttf' '--enable-gd-native-ttf' '--with-png-dir=/usr/lib'
'--with-jpeg-dir=/usr/lib' '--enable-magic-quotes' '--enable-ftp'
'--enable-memory-limit'

and I disabled magic_quotes_gpc in a local .htaccess


-- 
Edit bug report at http://bugs.php.net/?id=15711&edit=1
-- 
Fixed in CVS:        http://bugs.php.net/fix.php?id=15711&r=fixedcvs
Fixed in release:    http://bugs.php.net/fix.php?id=15711&r=alreadyfixed
Need backtrace:      http://bugs.php.net/fix.php?id=15711&r=needtrace
Try newer version:   http://bugs.php.net/fix.php?id=15711&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=15711&r=support
Expected behavior:   http://bugs.php.net/fix.php?id=15711&r=notwrong
Not enough info:     http://bugs.php.net/fix.php?id=15711&r=notenoughinfo
Submitted twice:     http://bugs.php.net/fix.php?id=15711&r=submittedtwice

Reply via email to