ID: 43162 Comment by: carsten_sttgt at gmx dot de Reported By: ryat at wolvez dot org Status: Feedback Bug Type: *General Issues Operating System: Ubuntu7.10 PHP Version: 5.2.4 New Comment:
> And why would you want to pass null byte in the parameter name? Because it's allowed to use "%00" in a query_string ;-) In $_SERVER['QUERY_STRING'] you have the correct value. It's also allowed, and works, to use "\0" as array key: | $a = array("a\0aaaa" => "test"); | echo $a["a\0aaaa"].PHP_EOL; | echo strlen(key($a)); prints: | test | 6 This also works: | $s = 'a%00aaaa=test'; | $s = rawurldecode($s); | $t = explode('=', $s); | $a[$t[0]] = $t[1]; | unset($t); | var_dump($a); But this not: | $s = 'a%00aaaa=test'; | $s = rawurldecode($s); | parse_str($s, $a); | var_dump($a); Maybe the problem is: With a possible "register_globals = on" or only "parse_str($s);", you have an illegal variable name? So, that is a bug, but maybe a "won't fix" and should be described in the manual? Regards, Carsten Previous Comments: ------------------------------------------------------------------------ [2007-11-01 11:46:29] zizzy at wolvez dot org I want to know is this is bug? ------------------------------------------------------------------------ [2007-11-01 09:25:46] [EMAIL PROTECTED] And why would you want to pass null byte in the parameter name? ------------------------------------------------------------------------ [2007-11-01 08:32:21] ryat at wolvez dot org Replenish other example magic_quotes_gpc=on http://127.0.0.1/test/test3.php?a%00aaaa=a%00aaaa Array ( [a] => a\0aaaa ) magic_quotes_gpc=off http://127.0.0.1/test/test3.php?a%00aaaa=a%00aaaa Array ( [a] => aaaaa ) ------------------------------------------------------------------------ [2007-10-31 17:01:40] ryat at wolvez dot org Hihi,pay attention to: magic_quotes_gpc=on http://127.0.0.1/test.php?a'aaaa=test Actual result: -------------- Array ( [a\'aaaa] => test ) http://127.0.0.1/test.php?a%00aaaa=test Actual result: -------------- Array ( [a] => test ) ------------------------------------------------------------------------ [2007-10-31 16:41:14] crescentfreshpot at yahoo dot com php is written in C. In C the null byte represents the end of a string. I don't think php can work around this. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/43162 -- Edit this bug report at http://bugs.php.net/?id=43162&edit=1