From: cryogen at mac dot com
Operating system: Mac OS X 10.4.6
PHP version: 5.1.4
PHP Bug Type: *Encryption and hash functions
Bug description: base64_encode/decode bug
Description:
------------
I have been using base64_encode/decode for the past 2 years to
pass complex SQL statements in href links between scripts
running under php 5.0.4. After upgrading to 5.1.2 I
experienced errors and missing data using the same functions.
I get the same results in php 5.1.4.
It appears that data is being lost or garbled in either the
encode or decode.
This problem does NOT occur on our production server running
5.0.4.
NOTE: Unable to post code to reproduced bug on production
server as we cannot install 5.1.x if there is a problem. I
tried to keep it as short as possible and illustrate the bug.
Reproduce code:
---------------
// base64_bug1.php - Demo bug with base64_encode/decode
//--------------
$query = "SELECT DISTINCT class.class_no, class.status, class.class_id,
class.sess_group, class.short_desc, class.classroom, class.ages,
class.capacity, csc.beg_date, csc.end_date, csc.end_date_infinite_flag,
csc.open_sched_flag, ins.lname, ins.fname, CONCAT(ins.fname,' ',ins.lname)
AS ins_full_name, csc.w_mon, csc.w_mon_time, csc.w_mon_duration, csc.w_tue,
csc.w_tue_time, csc.w_tue_duration, csc.w_wed, csc.w_wed_time,
csc.w_wed_duration, csc.w_thu, csc.w_thu_time, csc.w_thu_duration,
csc.w_fri, csc.w_fri_time, csc.w_fri_duration, csc.w_sat, csc.w_sat_time,
csc.w_sat_duration, csc.w_sun, csc.w_sun_time, csc.w_sun_duration FROM
class_sched_cfg AS csc, class LEFT JOIN class_sched AS cs ON
class.class_id = cs.class_id LEFT JOIN class_instruct AS ci ON
(class.class_id = ci.class_id AND ci.primary_ins_flag = 1) LEFT JOIN
instructor AS ins ON ci.ins_id = ins.ins_id WHERE class.co_id = 55555 AND
class.class_id = csc.class_id AND (((cs.beg_time > '01:00:00' AND
cs.beg_time < '23:00:00') OR (cs.end_time > '01:00:00' AND cs.end_time <
'23:00:00')) OR (cs.beg_time <= '01:00:00' AND cs.end_time >= '23:00:00'))
AND sess_group LIKE 'spring/summer%' AND (class.status = 'A' AND CURDATE()
<= csc.end_date) ORDER by short_desc";
$tmp = base64_encode($query);
echo "<a href='base64_bug2.php?query=".$tmp."'>Pass Data</a>";
?>
// base64_bug2.php - Demo bug with base64_encode/decode
//--------------
echo "<b>We should get our original encoded Value back.<br/>Encoded Value
Prior to base64_decode:</b><br/> ".$_REQUEST['query'];
$query = base64_decode($_REQUEST['query']);
echo "<p><b>Value After base64_decode:</b><br/> ".$query;
echo "<p><a href='encode_bug1.php'>Back to Step 1</a>";
?>
Expected result:
----------------
I should have gotten my original SQL string back after
executing the base64_decode(). I get part of the string back
with the last couple lines garbled with crazy characters.
Actual result:
--------------
I get part of the original string back with the last couple
lines garbled with crazy characters. Here is the actual
output from script base64_bu2.php:
SELECT DISTINCT class.class_no, class.status,
class.class_id, class.sess_group, class.short_desc,
class.classroom, class.ages, class.capacity, csc.beg_date,
csc.end_date, csc.end_date_infinite_flag,
csc.open_sched_flag, ins.lname, ins.fname, CONCAT
(ins.fname,' ',ins.lname) AS ins_full_name, csc.w_mon,
csc.w_mon_time, csc.w_mon_duration, csc.w_tue,
csc.w_tue_time, csc.w_tue_duration, csc.w_wed,
csc.w_wed_time, csc.w_wed_duration, csc.w_thu,
csc.w_thu_time, csc.w_thu_duration, csc.w_fri,
csc.w_fri_time, csc.w_fri_duration, csc.w_sat,
csc.w_sat_time, csc.w_sat_duration, csc.w_sun,
csc.w_sun_time, csc.w_sun_duration FROM class_sched_cfg AS
csc, class LEFT JOIN class_sched AS cs ON class.class_id =
cs.class_id LEFT JOIN class_instruct AS ci ON
(class.class_id = ci.class_id AND ci.primary_ins_flag = 1)
LEFT JOIN instructor AS ins ON ci.ins_id = ins.ins_id WHERE
class.co_id = 55555 AND class.class_id = csc.class_id AND
(((cs.beg_time � Ì�N��� È�S��ÜËY×Ý�[YH�� ÌÎ���
ÊH�Ô �ÜË[�Ý�[
YH� Ì�N��� È�S��ÜË[�Ý�[YH�� ÌÎ��� ÊJH�Ô
�ÜËY×Ý�[YH��H
Ì�N��� È�S��ÜË[�Ý�[YH�?H ÌÎ���
ÊJH�S��Ù\Ü×ÙÜÝ\���RÑH
ÜÜ�[ËÜÝ[[Y\IÈ�S� �Û�\ÜËÝ�]�\È�H ÐIÈ�S��ÕT�U�J H��H�ÜØË[�Ù�]�
JH�Ô�T�H�Ú�Ü?�Ù�\Ø
--
Edit bug report at http://bugs.php.net/?id=37336&edit=1
--
Try a CVS snapshot (PHP 4.4):
http://bugs.php.net/fix.php?id=37336&r=trysnapshot44
Try a CVS snapshot (PHP 5.1):
http://bugs.php.net/fix.php?id=37336&r=trysnapshot51
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=37336&r=trysnapshot60
Fixed in CVS: http://bugs.php.net/fix.php?id=37336&r=fixedcvs
Fixed in release:
http://bugs.php.net/fix.php?id=37336&r=alreadyfixed
Need backtrace: http://bugs.php.net/fix.php?id=37336&r=needtrace
Need Reproduce Script: http://bugs.php.net/fix.php?id=37336&r=needscript
Try newer version: http://bugs.php.net/fix.php?id=37336&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=37336&r=support
Expected behavior: http://bugs.php.net/fix.php?id=37336&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=37336&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=37336&r=submittedtwice
register_globals: http://bugs.php.net/fix.php?id=37336&r=globals
PHP 3 support discontinued: http://bugs.php.net/fix.php?id=37336&r=php3
Daylight Savings: http://bugs.php.net/fix.php?id=37336&r=dst
IIS Stability: http://bugs.php.net/fix.php?id=37336&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=37336&r=gnused
Floating point limitations: http://bugs.php.net/fix.php?id=37336&r=float
No Zend Extensions: http://bugs.php.net/fix.php?id=37336&r=nozend
MySQL Configuration Error: http://bugs.php.net/fix.php?id=37336&r=mysqlcfg
