[PHP-DEV] PHP 4.0 Bug #8071 Updated: quotes being added with readfile()

Tue, 30 Jan 2001 01:11:00 -0800 

ID: 8071
Updated by: sniper
Reported By: [EMAIL PROTECTED]
Old-Status: Feedback
Status: Closed
Bug Type: *Session related
Assigned To: 
Comments:

This should be fixed in PHP 4.0.4pl1 (or at least in the
latest CVS, try a snapshot from http://snaps.php.net/ )

--Jani


Previous Comments:
---------------------------------------------------------------------------

[2000-12-11 10:35:48] [EMAIL PROTECTED]
The user is using trans-sid feature.

Could you please give example of any file where it happens?

---------------------------------------------------------------------------

[2000-12-11 05:41:11] [EMAIL PROTECTED]
Do you use trans-sid feature?

---------------------------------------------------------------------------

[2000-12-01 16:34:52] [EMAIL PROTECTED]
PHP seems to be adding quotes after "=" (equal signs) when putting a binary file 
through to the browser via readfile().

A snippet of the code doing this:

                // Send the file.  Note that PHP automatically sends the
                // private cache directives as this is part of a session.
                $size = filesize("$xferdir->path/$dload");
                header("Content-Type: $type");
                header("Content-Length: $size");
                // detect any gzip'd files and set the content encoding
                // header accordingly
                if (preg_match('/.gz$/', $file))
                        header ("Content-Encoding: gzip");
                // disable magic quotes so they don't interfere with the 
                // file being sent.
//              if (get_magic_quotes_runtime())
                        set_magic_quotes_runtime(0);
                // dump the file to the browser
                if (readfile("$xferdir->path/$dload") == $size) {
                        // if the file is fully downloaded
                        // add a line to the sslxfer log
                        log_xfer("$xferdir->path/$dload", "down");
                }

The script is called as "dload.php/<filename>" and then sends the given file to the 
user.  I'll check with our legal dept (blech) on Monday and see if I can make the 
original and modified files available.


---------------------------------------------------------------------------


Full Bug description available at: http://bugs.php.net/?id=8071


-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to