ID: 49444
Updated by: j...@php.net
Reported By: hafizanil at gmail dot com
-Status: Open
+Status: Feedback
Bug Type: Scripting Engine problem
Operating System: Windows Xp
PHP Version: 5.3.0
New Comment:
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external
resources such as databases, etc. If the script requires a
database to demonstrate the issue, please make sure it creates
all necessary tables, stored procedures etc.
Please avoid embedding huge scripts into the report.
Previous Comments:
------------------------------------------------------------------------
[2009-09-02 16:07:28] hafizanil at gmail dot com
Description:
------------
Want to sent variable via javascript via $_GET method and the output
going hirewire.The varible sent also been escape
first(javascript).Tested using 5.29 and 5.3
Browser 1.Internet Explorer 7
2 Firefox 3.52
3. Opera 10
Reproduce code:
---------------
This is tested 5.29
[code]
$_GET['to']="admin (sit: mr chang n mr sairi n mr pzan)
<kamb...@gmail.com>,";
echo strlen($_GET['to'])
// out put 63
var_dump($_GET);
// output only showing admin (sit: mr chang n mr sairi n mr pzan)
[/code]
This is tested 5.30
[code]
$_GET['to']="admin (sit: mr chang n mr sairi n mr pzan)
<kamb...@gmail.com>,";
echo strlen($_GET['to'])
// out put 63
var_dump($_GET);
//output :Page going crazy.show all the php source
[/code]
Expected result:
----------------
var_dump or print_r $_GET array should understand the variable which
might contain "<>";
Actual result:
--------------
On 5.3 It show all the source php .
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=49444&edit=1
