[PHP-BUG] Bug #62683 [NEW]: FILTER_SANITIZE_SPECIAL_CHARS does not work as declared
From: admin dot windows at gmail dot com Operating system: Windows/Linux PHP version: 5.3.15 Package: Filter related Bug Type: Bug Bug description:FILTER_SANITIZE_SPECIAL_CHARS does not work as declared Description: FILTER_SANITIZE_SPECIAL_CHARS and FILTER_SANITIZE_FULL_SPECIAL_CHARS does not work as documented and produced results does not match htmlspecialchars results at all. Test script: --- $string = "O'Reilly - PHP Tips & Tricks"; //string 'O'Reilly - PHP Tips & Tricks' (length=44) var_dump($string); //string '<a href="#">O'Reilly - PHP Tips & Tricks</a>' (length=75) var_dump(htmlspecialchars($string, ENT_QUOTES)); //string '<a href="#">O'Reilly - PHP Tips & Tricks</a>' (length=76) var_dump(filter_var($string, FILTER_SANITIZE_SPECIAL_CHARS)); //string '<a href="#">O'Reilly - PHP Tips & Tricks</a>' (length=76) var_dump(filter_var($string, FILTER_SANITIZE_FULL_SPECIAL_CHARS)); Expected result: //string '<a href="#">O'Reilly - PHP Tips & Tricks</a>' (length=75) Actual result: -- //string '<a href="#">O'Reilly - PHP Tips & Tricks</a>' (length=76) -- Edit bug report at https://bugs.php.net/bug.php?id=62683&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=62683&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=62683&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=62683&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=62683&r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=62683&r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=62683&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=62683&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=62683&r=needscript Try newer version: https://bugs.php.net/fix.php?id=62683&r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=62683&r=support Expected behavior: https://bugs.php.net/fix.php?id=62683&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=62683&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=62683&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=62683&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=62683&r=php4 Daylight Savings:https://bugs.php.net/fix.php?id=62683&r=dst IIS Stability: https://bugs.php.net/fix.php?id=62683&r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=62683&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=62683&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=62683&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=62683&r=mysqlcfg
Bug #61766 [Fbk->Opn]: call_user_func sends scrambled class name to autoload
Edit report at https://bugs.php.net/bug.php?id=61766&edit=1
ID: 61766
User updated by:admin dot windows at gmail dot com
Reported by:admin dot windows at gmail dot com
Summary:call_user_func sends scrambled class name to
autoload
-Status: Feedback
+Status: Open
Type: Bug
Package:*General Issues
Operating System: ALL
PHP Version:5.3.10
Block user comment: N
Private report: N
New Comment:
Unfortunately I don't have rights to enable or disable modules on my cloud, I
would pass this issue to my hosting support.
Also I noticed that server is protected with the Suhosin Patch 0.9.10 can it
cause
this behavior?
Previous Comments:
[2012-04-19 09:21:26] johan...@php.net
Please disable ionCube Loader, Zend Guard Loader and XCache as all of these 3rd
party modules change the engine's behaviour.
[2012-04-19 09:06:56] admin dot windows at gmail dot com
Hi,
I have following extensions enabled on my hosting (Rackspace):
Core, date, ereg, libxml, openssl, pcre, sqlite3, zlib, bz2, calendar, ctype,
hash, filter, ftp, gettext, gmp, SPL, iconv, Reflection, session, standard,
shmop, SimpleXML, sockets, exif, tokenizer, xml, apache2handler, bcmath, curl,
dba, dom, fileinfo, gd, imagick, imap, intl, json, ldap, pdf, mbstring, mcrypt,
memcache, mongo, mssql, mysql, mysqli, odbc, PDO, pdo_dblib, pdo_mysql,
PDO_ODBC, pdo_pgsql, pdo_sqlite, pgsql, Phar, posix, pspell, recode, redis,
snmp, soap, sysvmsg, sysvsem, sysvshm, tidy, uploadprogress, wddx, xmlreader,
xmlrpc, xmlwriter, xsl, yaz, zip, ionCube Loader, Zend Guard Loader, XCache
[2012-04-19 07:07:33] ahar...@php.net
I can't reproduce this.
What extensions do you have enabled?
[2012-04-18 15:19:23] admin dot windows at gmail dot com
Description:
I have discovered weird behaviour of call_user_func that breaks class
autoloader by providing scrambled class name for example instead of "myObject"
it provides "zw87zl18".
This event only occurs if you are using custom class autoloader and requesting
static method that is not declared as static.
Test script:
---
//FILE: myObject.php
class myObject {
public static function method1(){var_dump(__METHOD__);}
public function method2(){var_dump(__METHOD__);}
}
//FILE: index.php
ini_set('display_errors', TRUE);
function __autoload($className) {
include sprintf('%s/%s.php', getcwd(), $className);
}
call_user_func(array('myObject', 'method1'));//works fine
call_user_func(array('myObject', 'method2'));//produce an error
Expected result:
string(17) "myObject::method1"
string(17) "myObject::method2"
Actual result:
--
string(17) "myObject::method1"
Warning: include(/www/zw87zl18.php) [function.include]: failed to open stream:
No such file or directory in /www/index.php on line 9
Warning: include() [function.include]: Failed opening '/www/zw87zl18.php' for
inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /www/index.php
on line 9
Warning: include(/www/zw87zl18.php) [function.include]: failed to open stream:
No such file or directory in /www/index.php on line 9
Warning: include() [function.include]: Failed opening '/www/zw87zl18.php' for
inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /www/index.php
on line 9
string(17) "myObject::method2"
--
Edit this bug report at https://bugs.php.net/bug.php?id=61766&edit=1
Bug #61766 [Fbk->Opn]: call_user_func sends scrambled class name to autoload
Edit report at https://bugs.php.net/bug.php?id=61766&edit=1
ID: 61766
User updated by:admin dot windows at gmail dot com
Reported by:admin dot windows at gmail dot com
Summary:call_user_func sends scrambled class name to
autoload
-Status: Feedback
+Status: Open
Type: Bug
Package:*General Issues
Operating System: ALL
PHP Version:5.3.10
Block user comment: N
Private report: N
New Comment:
Hi,
I have following extensions enabled on my hosting (Rackspace):
Core, date, ereg, libxml, openssl, pcre, sqlite3, zlib, bz2, calendar, ctype,
hash, filter, ftp, gettext, gmp, SPL, iconv, Reflection, session, standard,
shmop, SimpleXML, sockets, exif, tokenizer, xml, apache2handler, bcmath, curl,
dba, dom, fileinfo, gd, imagick, imap, intl, json, ldap, pdf, mbstring, mcrypt,
memcache, mongo, mssql, mysql, mysqli, odbc, PDO, pdo_dblib, pdo_mysql,
PDO_ODBC, pdo_pgsql, pdo_sqlite, pgsql, Phar, posix, pspell, recode, redis,
snmp, soap, sysvmsg, sysvsem, sysvshm, tidy, uploadprogress, wddx, xmlreader,
xmlrpc, xmlwriter, xsl, yaz, zip, ionCube Loader, Zend Guard Loader, XCache
Previous Comments:
[2012-04-19 07:07:33] ahar...@php.net
I can't reproduce this.
What extensions do you have enabled?
[2012-04-18 15:19:23] admin dot windows at gmail dot com
Description:
I have discovered weird behaviour of call_user_func that breaks class
autoloader by providing scrambled class name for example instead of "myObject"
it provides "zw87zl18".
This event only occurs if you are using custom class autoloader and requesting
static method that is not declared as static.
Test script:
---
//FILE: myObject.php
class myObject {
public static function method1(){var_dump(__METHOD__);}
public function method2(){var_dump(__METHOD__);}
}
//FILE: index.php
ini_set('display_errors', TRUE);
function __autoload($className) {
include sprintf('%s/%s.php', getcwd(), $className);
}
call_user_func(array('myObject', 'method1'));//works fine
call_user_func(array('myObject', 'method2'));//produce an error
Expected result:
string(17) "myObject::method1"
string(17) "myObject::method2"
Actual result:
--
string(17) "myObject::method1"
Warning: include(/www/zw87zl18.php) [function.include]: failed to open stream:
No such file or directory in /www/index.php on line 9
Warning: include() [function.include]: Failed opening '/www/zw87zl18.php' for
inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /www/index.php
on line 9
Warning: include(/www/zw87zl18.php) [function.include]: failed to open stream:
No such file or directory in /www/index.php on line 9
Warning: include() [function.include]: Failed opening '/www/zw87zl18.php' for
inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /www/index.php
on line 9
string(17) "myObject::method2"
--
Edit this bug report at https://bugs.php.net/bug.php?id=61766&edit=1
[PHP-BUG] Bug #61766 [NEW]: call_user_func sends scrambled class name to autoload
From:
Operating system: ALL
PHP version: 5.3.10
Package: *General Issues
Bug Type: Bug
Bug description:call_user_func sends scrambled class name to autoload
Description:
I have discovered weird behaviour of call_user_func that breaks class
autoloader by providing scrambled class name for example instead of
"myObject" it provides "zw87zl18".
This event only occurs if you are using custom class autoloader and
requesting static method that is not declared as static.
Test script:
---
//FILE: myObject.php
class myObject {
public static function method1(){var_dump(__METHOD__);}
public function method2(){var_dump(__METHOD__);}
}
//FILE: index.php
ini_set('display_errors', TRUE);
function __autoload($className) {
include sprintf('%s/%s.php', getcwd(), $className);
}
call_user_func(array('myObject', 'method1'));//works fine
call_user_func(array('myObject', 'method2'));//produce an error
Expected result:
string(17) "myObject::method1"
string(17) "myObject::method2"
Actual result:
--
string(17) "myObject::method1"
Warning: include(/www/zw87zl18.php) [function.include]: failed to open
stream: No such file or directory in /www/index.php on line 9
Warning: include() [function.include]: Failed opening '/www/zw87zl18.php'
for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in
/www/index.php on line 9
Warning: include(/www/zw87zl18.php) [function.include]: failed to open
stream: No such file or directory in /www/index.php on line 9
Warning: include() [function.include]: Failed opening '/www/zw87zl18.php'
for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in
/www/index.php on line 9
string(17) "myObject::method2"
--
Edit bug report at https://bugs.php.net/bug.php?id=61766&edit=1
--
Try a snapshot (PHP 5.4):
https://bugs.php.net/fix.php?id=61766&r=trysnapshot54
Try a snapshot (PHP 5.3):
https://bugs.php.net/fix.php?id=61766&r=trysnapshot53
Try a snapshot (trunk):
https://bugs.php.net/fix.php?id=61766&r=trysnapshottrunk
Fixed in SVN:
https://bugs.php.net/fix.php?id=61766&r=fixed
Fixed in SVN and need be documented:
https://bugs.php.net/fix.php?id=61766&r=needdocs
Fixed in release:
https://bugs.php.net/fix.php?id=61766&r=alreadyfixed
Need backtrace:
https://bugs.php.net/fix.php?id=61766&r=needtrace
Need Reproduce Script:
https://bugs.php.net/fix.php?id=61766&r=needscript
Try newer version:
https://bugs.php.net/fix.php?id=61766&r=oldversion
Not developer issue:
https://bugs.php.net/fix.php?id=61766&r=support
Expected behavior:
https://bugs.php.net/fix.php?id=61766&r=notwrong
Not enough info:
https://bugs.php.net/fix.php?id=61766&r=notenoughinfo
Submitted twice:
https://bugs.php.net/fix.php?id=61766&r=submittedtwice
register_globals:
https://bugs.php.net/fix.php?id=61766&r=globals
PHP 4 support discontinued:
https://bugs.php.net/fix.php?id=61766&r=php4
Daylight Savings:https://bugs.php.net/fix.php?id=61766&r=dst
IIS Stability:
https://bugs.php.net/fix.php?id=61766&r=isapi
Install GNU Sed:
https://bugs.php.net/fix.php?id=61766&r=gnused
Floating point limitations:
https://bugs.php.net/fix.php?id=61766&r=float
No Zend Extensions:
https://bugs.php.net/fix.php?id=61766&r=nozend
MySQL Configuration Error:
https://bugs.php.net/fix.php?id=61766&r=mysqlcfg
Bug #52641 [Com]: scrambled class name passed by call_user_func on non existing methods
Edit report at http://bugs.php.net/bug.php?id=52641&edit=1 ID: 52641 Comment by: admin dot windows at gmail dot com Reported by:admin dot windows at gmail dot com Summary:scrambled class name passed by call_user_func on non existing methods Status: Feedback Type: Bug Package:Class/Object related Operating System: Linux PHP Version:5.2.13 Block user comment: N New Comment: Here is output of get_loaded_extensions() on my local system PHP v 5.3.2, WIN 7 64bit. Array ( [0] => Core [1] => com_dotnet [2] => ctype [3] => date [4] => ereg [5] => filter [6] => ftp [7] => hash [8] => iconv [9] => json [10] => session [11] => openssl [12] => pcre [13] => Reflection [14] => standard [15] => SPL [16] => mysqlnd [17] => zlib [18] => libxml [19] => dom [20] => PDO [21] => pdo_sqlite [22] => SimpleXML [23] => xml [24] => cgi-fcgi [25] => bcmath [26] => bz2 [27] => calendar [28] => curl [29] => exif [30] => gd [31] => gettext [32] => imap [33] => ldap [34] => mbstring [35] => mcrypt [36] => mysql [37] => mysqli [38] => pdo_mysql [39] => pdo_pgsql [40] => pgsql [41] => soap [42] => sockets [43] => tidy [44] => tokenizer [45] => xsl [46] => zip [47] => intl [48] => SQLite [49] => xmlreader [50] => xmlwriter [51] => fileinfo [52] => Phar [53] => win32service [54] => oci8 [55] => PDO_OCI [56] => xmlrpc [57] => Zend Data Cache [58] => Zend Job Queue [59] => Zend Session Clustering [60] => Zend Utils [61] => Zend Optimizer+ [62] => Zend Code Tracing [63] => Zend Monitor [64] => Zend Debugger [65] => Zend Monitor UI ) One of my hosting with version 5.2.11, Cent OS Array ( [0] => date [1] => libxml [2] => openssl [3] => pcre [4] => zlib [5] => bcmath [6] => calendar [7] => ctype [8] => curl [9] => dom [10] => hash [11] => filter [12] => ftp [13] => gd [14] => gettext [15] => gmp [16] => session [17] => iconv [18] => standard [19] => json [20] => ldap [21] => mbstring [22] => mcrypt [23] => mhash [24] => ming [25] => mysql [26] => SimpleXML [27] => pgsql [28] => posix [29] => pspell [30] => Reflection [31] => imap [32] => SPL [33] => mysqli [34] => soap [35] => SQLite [36] => exif [37] => tidy [38] => tokenizer [39] => xml [40] => xmlreader [41] => xmlrpc [42] => xmlwriter [43] => xsl [44] => zip [45] => cgi-fcgi [46] => mailparse [47] => memcache [48] => PDO [49] => pdo_mysql [50] => pdo_pgsql [51] => pdo_sqlite [52] => uploadprogress [53] => ionCube Loader [54] => Zend Optimizer ) As you can see this behaviour was reproduced on 5.2.11, 5.2.13, 5.3.2 versions of php For reference you can see this event live here: http://ajaxtech.webfactional.com/test.php Previous Comments: [2010-08-20 08:04:26] ahar...@php.net I've gone back as far as 5.2.11 and I can't reproduce this either -- every version I've tested gives the same (valid) warning as Felipe got. What does "php -m" output? (If you don't have CLI access, then the output of var_dump(get_loaded_extensions()) would suffice.) [2010-08-19 04:27:33] admin dot windows at gmail dot com I don't have 5.2.14 installed on my hosting to confirm that it works on this version. However I have uploaded this script on other hosting accounts that with 5.2.11 and 5.2.13 version installed. [2010-08-19 04:08:23] fel...@php.net Hi, I am using 5.2 SVN. (PHP 5.2.14RC4-dev (cli) (built: Jul 31 2010 13:23:04) (DEBUG)) [2010-08-19 04:05:24] admin dot windows at gmail dot com Hi Felipe, you are probably using version >=5.3. This bug related to version below 5.3 and it was reproduced on server running 5.2.13
Bug #52641 [Opn]: scrambled class name passed by call_user_func on non existing methods
Edit report at http://bugs.php.net/bug.php?id=52641&edit=1
ID: 52641
User updated by:admin dot windows at gmail dot com
Reported by:admin dot windows at gmail dot com
Summary:scrambled class name passed by call_user_func on non
existing methods
Status: Open
Type: Bug
Package:Class/Object related
-Operating System: ALL
+Operating System: Linux
-PHP Version:5.2.14
+PHP Version:5.2.13
Block user comment: N
New Comment:
I don't have 5.2.14 installed on my hosting to confirm that it works on
this
version. However I have uploaded this script on other hosting accounts
that with
5.2.11 and 5.2.13 version installed.
Previous Comments:
[2010-08-19 04:08:23] fel...@php.net
Hi, I am using 5.2 SVN.
(PHP 5.2.14RC4-dev (cli) (built: Jul 31 2010 13:23:04) (DEBUG))
[2010-08-19 04:05:24] admin dot windows at gmail dot com
Hi Felipe, you are probably using version >=5.3. This bug related to
version below
5.3 and it was reproduced on server running 5.2.13
[2010-08-19 03:56:22] fel...@php.net
I cannot reproduce this.
I got the message "Warning:
call_user_func(experimental::non_existing_method): First argument is
expected to be a valid callback"
[2010-08-19 03:27:39] admin dot windows at gmail dot com
Description:
I have discovered weird call_user_func behaviour while calling non
existing method
of the class. Instead of throwing some type of warning it tries to call
non
existing class with scrambled name.
Test script:
---
%s',print_r(debug_backtrace(),true));
}
call_user_func(array('experimental','non_existing_method'));
?>
Expected result:
some king of warning or error
Actual result:
--
Array
(
[0] => Array
(
[function] => __autoload
[args] => Array
(
[0] => zybplbn6ps6m
)
)
[1] => Array
(
[file] => /www/test.php
[line] => 13
[function] => call_user_func
[args] => Array
(
[0] => Array
(
[0] => experimental
[1] => non_existing_method
)
)
)
)
--
Edit this bug report at http://bugs.php.net/bug.php?id=52641&edit=1
Bug #52641 [Com]: scrambled class name passed by call_user_func on non existing methods
Edit report at http://bugs.php.net/bug.php?id=52641&edit=1
ID: 52641
Comment by: admin dot windows at gmail dot com
Reported by:admin dot windows at gmail dot com
Summary:scrambled class name passed by call_user_func on non
existing methods
Status: Open
Type: Bug
Package:Class/Object related
Operating System: ALL
PHP Version:5.2.14
Block user comment: N
New Comment:
Hi Felipe, you are probably using version >=5.3. This bug related to
version below
5.3 and it was reproduced on server running 5.2.13
Previous Comments:
[2010-08-19 03:56:22] fel...@php.net
I cannot reproduce this.
I got the message "Warning:
call_user_func(experimental::non_existing_method): First argument is
expected to be a valid callback"
[2010-08-19 03:27:39] admin dot windows at gmail dot com
Description:
I have discovered weird call_user_func behaviour while calling non
existing method
of the class. Instead of throwing some type of warning it tries to call
non
existing class with scrambled name.
Test script:
---
%s',print_r(debug_backtrace(),true));
}
call_user_func(array('experimental','non_existing_method'));
?>
Expected result:
some king of warning or error
Actual result:
--
Array
(
[0] => Array
(
[function] => __autoload
[args] => Array
(
[0] => zybplbn6ps6m
)
)
[1] => Array
(
[file] => /www/test.php
[line] => 13
[function] => call_user_func
[args] => Array
(
[0] => Array
(
[0] => experimental
[1] => non_existing_method
)
)
)
)
--
Edit this bug report at http://bugs.php.net/bug.php?id=52641&edit=1
[PHP-BUG] Bug #52641 [NEW]: scrambled class name passed by call_user_func on non existing methods
From:
Operating system: ALL
PHP version: 5.2.14
Package: Class/Object related
Bug Type: Bug
Bug description:scrambled class name passed by call_user_func on non existing
methods
Description:
I have discovered weird call_user_func behaviour while calling non existing
method
of the class. Instead of throwing some type of warning it tries to call non
existing class with scrambled name.
Test script:
---
%s',print_r(debug_backtrace(),true));
}
call_user_func(array('experimental','non_existing_method'));
?>
Expected result:
some king of warning or error
Actual result:
--
Array
(
[0] => Array
(
[function] => __autoload
[args] => Array
(
[0] => zybplbn6ps6m
)
)
[1] => Array
(
[file] => /www/test.php
[line] => 13
[function] => call_user_func
[args] => Array
(
[0] => Array
(
[0] => experimental
[1] => non_existing_method
)
)
)
)
--
Edit bug report at http://bugs.php.net/bug.php?id=52641&edit=1
--
Try a snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=52641&r=trysnapshot52
Try a snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=52641&r=trysnapshot53
Try a snapshot (trunk):
http://bugs.php.net/fix.php?id=52641&r=trysnapshottrunk
Fixed in SVN:
http://bugs.php.net/fix.php?id=52641&r=fixed
Fixed in SVN and need be documented:
http://bugs.php.net/fix.php?id=52641&r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=52641&r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=52641&r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=52641&r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=52641&r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=52641&r=support
Expected behavior:
http://bugs.php.net/fix.php?id=52641&r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=52641&r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=52641&r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=52641&r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=52641&r=php4
Daylight Savings:http://bugs.php.net/fix.php?id=52641&r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=52641&r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=52641&r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=52641&r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=52641&r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=52641&r=mysqlcfg
