ID: 47229 Updated by: nlop...@php.net Reported By: daniel at code-emitter dot com Status: Closed Bug Type: PCRE related Operating System: any, see docs PHP Version: 5.2.8 Assigned To: nlopess New Comment:
This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. Previous Comments: ------------------------------------------------------------------------ [2009-01-28 13:23:30] fel...@php.net Ah, OK. Assigning to maintainer... ------------------------------------------------------------------------ [2009-01-28 12:44:48] daniel at code-emitter dot com preg_match('/^([a-zA-Z0-9'.preg_quote("!#$%&'*+-/=?^_`{|}~.", '/').']{1,64})@(.*)$/', $address, $matches) This will not work. I got this regexp from an example somewhere in the docs, so it seems that I'm not the only one who has built this into his application. ------------------------------------------------------------------------ [2009-01-28 12:42:35] daniel at code-emitter dot com preg_match('/^([a-zA-Z0-9\-'.preg_quote("!#$%&'*+/=?^_`{|}~.", '/').']{1,64})@(.*)$/', $address, $matches) But this will become a problem, when mixing like shown above. An escaped "-" outside of [...] does no harm, but an unescaped "-" inside does. ------------------------------------------------------------------------ [2009-01-28 12:38:36] fel...@php.net The '-' just have special meaning in the regex when used whithin '[ ]', which are escaped as expected. So, there is no possibility to '-' break something. var_dump(preg_quote("[0-2]")); // string(7) "\[0-2\]" ------------------------------------------------------------------------ [2009-01-28 12:23:33] daniel at code-emitter dot com Description: ------------ preg_quote does not escape the "-" (minus) character but it should. Reproduce code: --------------- preg_quote("0-9", '/') Expected result: ---------------- preg_quote("0-9", '/') == "0\-9" Actual result: -------------- preg_quote("0-9", '/') == "0-9" Depending on the used string this can become a dead loss of the used regular expression because all characters become valid. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=47229&edit=1