[PHP-BUG] Bug #62683 [NEW]: FILTER_SANITIZE_SPECIAL_CHARS does not work as declared
From: admin dot windows at gmail dot com Operating system: Windows/Linux PHP version: 5.3.15 Package: Filter related Bug Type: Bug Bug description:FILTER_SANITIZE_SPECIAL_CHARS does not work as declared Description: FILTER_SANITIZE_SPECIAL_CHARS and FILTER_SANITIZE_FULL_SPECIAL_CHARS does not work as documented and produced results does not match htmlspecialchars results at all. Test script: --- $string = "O'Reilly - PHP Tips & Tricks"; //string 'O'Reilly - PHP Tips & Tricks' (length=44) var_dump($string); //string '<a href="#">O'Reilly - PHP Tips & Tricks</a>' (length=75) var_dump(htmlspecialchars($string, ENT_QUOTES)); //string '<a href="#">O'Reilly - PHP Tips & Tricks</a>' (length=76) var_dump(filter_var($string, FILTER_SANITIZE_SPECIAL_CHARS)); //string '<a href="#">O'Reilly - PHP Tips & Tricks</a>' (length=76) var_dump(filter_var($string, FILTER_SANITIZE_FULL_SPECIAL_CHARS)); Expected result: //string '<a href="#">O'Reilly - PHP Tips & Tricks</a>' (length=75) Actual result: -- //string '<a href="#">O'Reilly - PHP Tips & Tricks</a>' (length=76) -- Edit bug report at https://bugs.php.net/bug.php?id=62683&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=62683&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=62683&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=62683&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=62683&r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=62683&r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=62683&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=62683&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=62683&r=needscript Try newer version: https://bugs.php.net/fix.php?id=62683&r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=62683&r=support Expected behavior: https://bugs.php.net/fix.php?id=62683&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=62683&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=62683&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=62683&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=62683&r=php4 Daylight Savings:https://bugs.php.net/fix.php?id=62683&r=dst IIS Stability: https://bugs.php.net/fix.php?id=62683&r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=62683&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=62683&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=62683&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=62683&r=mysqlcfg
Bug #61766 [Fbk->Opn]: call_user_func sends scrambled class name to autoload
Edit report at https://bugs.php.net/bug.php?id=61766&edit=1 ID: 61766 User updated by:admin dot windows at gmail dot com Reported by:admin dot windows at gmail dot com Summary:call_user_func sends scrambled class name to autoload -Status: Feedback +Status: Open Type: Bug Package:*General Issues Operating System: ALL PHP Version:5.3.10 Block user comment: N Private report: N New Comment: Unfortunately I don't have rights to enable or disable modules on my cloud, I would pass this issue to my hosting support. Also I noticed that server is protected with the Suhosin Patch 0.9.10 can it cause this behavior? Previous Comments: [2012-04-19 09:21:26] johan...@php.net Please disable ionCube Loader, Zend Guard Loader and XCache as all of these 3rd party modules change the engine's behaviour. [2012-04-19 09:06:56] admin dot windows at gmail dot com Hi, I have following extensions enabled on my hosting (Rackspace): Core, date, ereg, libxml, openssl, pcre, sqlite3, zlib, bz2, calendar, ctype, hash, filter, ftp, gettext, gmp, SPL, iconv, Reflection, session, standard, shmop, SimpleXML, sockets, exif, tokenizer, xml, apache2handler, bcmath, curl, dba, dom, fileinfo, gd, imagick, imap, intl, json, ldap, pdf, mbstring, mcrypt, memcache, mongo, mssql, mysql, mysqli, odbc, PDO, pdo_dblib, pdo_mysql, PDO_ODBC, pdo_pgsql, pdo_sqlite, pgsql, Phar, posix, pspell, recode, redis, snmp, soap, sysvmsg, sysvsem, sysvshm, tidy, uploadprogress, wddx, xmlreader, xmlrpc, xmlwriter, xsl, yaz, zip, ionCube Loader, Zend Guard Loader, XCache [2012-04-19 07:07:33] ahar...@php.net I can't reproduce this. What extensions do you have enabled? [2012-04-18 15:19:23] admin dot windows at gmail dot com Description: I have discovered weird behaviour of call_user_func that breaks class autoloader by providing scrambled class name for example instead of "myObject" it provides "zw87zl18". This event only occurs if you are using custom class autoloader and requesting static method that is not declared as static. Test script: --- //FILE: myObject.php class myObject { public static function method1(){var_dump(__METHOD__);} public function method2(){var_dump(__METHOD__);} } //FILE: index.php ini_set('display_errors', TRUE); function __autoload($className) { include sprintf('%s/%s.php', getcwd(), $className); } call_user_func(array('myObject', 'method1'));//works fine call_user_func(array('myObject', 'method2'));//produce an error Expected result: string(17) "myObject::method1" string(17) "myObject::method2" Actual result: -- string(17) "myObject::method1" Warning: include(/www/zw87zl18.php) [function.include]: failed to open stream: No such file or directory in /www/index.php on line 9 Warning: include() [function.include]: Failed opening '/www/zw87zl18.php' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /www/index.php on line 9 Warning: include(/www/zw87zl18.php) [function.include]: failed to open stream: No such file or directory in /www/index.php on line 9 Warning: include() [function.include]: Failed opening '/www/zw87zl18.php' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /www/index.php on line 9 string(17) "myObject::method2" -- Edit this bug report at https://bugs.php.net/bug.php?id=61766&edit=1
Bug #61766 [Fbk->Opn]: call_user_func sends scrambled class name to autoload
Edit report at https://bugs.php.net/bug.php?id=61766&edit=1 ID: 61766 User updated by:admin dot windows at gmail dot com Reported by:admin dot windows at gmail dot com Summary:call_user_func sends scrambled class name to autoload -Status: Feedback +Status: Open Type: Bug Package:*General Issues Operating System: ALL PHP Version:5.3.10 Block user comment: N Private report: N New Comment: Hi, I have following extensions enabled on my hosting (Rackspace): Core, date, ereg, libxml, openssl, pcre, sqlite3, zlib, bz2, calendar, ctype, hash, filter, ftp, gettext, gmp, SPL, iconv, Reflection, session, standard, shmop, SimpleXML, sockets, exif, tokenizer, xml, apache2handler, bcmath, curl, dba, dom, fileinfo, gd, imagick, imap, intl, json, ldap, pdf, mbstring, mcrypt, memcache, mongo, mssql, mysql, mysqli, odbc, PDO, pdo_dblib, pdo_mysql, PDO_ODBC, pdo_pgsql, pdo_sqlite, pgsql, Phar, posix, pspell, recode, redis, snmp, soap, sysvmsg, sysvsem, sysvshm, tidy, uploadprogress, wddx, xmlreader, xmlrpc, xmlwriter, xsl, yaz, zip, ionCube Loader, Zend Guard Loader, XCache Previous Comments: [2012-04-19 07:07:33] ahar...@php.net I can't reproduce this. What extensions do you have enabled? [2012-04-18 15:19:23] admin dot windows at gmail dot com Description: I have discovered weird behaviour of call_user_func that breaks class autoloader by providing scrambled class name for example instead of "myObject" it provides "zw87zl18". This event only occurs if you are using custom class autoloader and requesting static method that is not declared as static. Test script: --- //FILE: myObject.php class myObject { public static function method1(){var_dump(__METHOD__);} public function method2(){var_dump(__METHOD__);} } //FILE: index.php ini_set('display_errors', TRUE); function __autoload($className) { include sprintf('%s/%s.php', getcwd(), $className); } call_user_func(array('myObject', 'method1'));//works fine call_user_func(array('myObject', 'method2'));//produce an error Expected result: string(17) "myObject::method1" string(17) "myObject::method2" Actual result: -- string(17) "myObject::method1" Warning: include(/www/zw87zl18.php) [function.include]: failed to open stream: No such file or directory in /www/index.php on line 9 Warning: include() [function.include]: Failed opening '/www/zw87zl18.php' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /www/index.php on line 9 Warning: include(/www/zw87zl18.php) [function.include]: failed to open stream: No such file or directory in /www/index.php on line 9 Warning: include() [function.include]: Failed opening '/www/zw87zl18.php' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /www/index.php on line 9 string(17) "myObject::method2" -- Edit this bug report at https://bugs.php.net/bug.php?id=61766&edit=1
[PHP-BUG] Bug #61766 [NEW]: call_user_func sends scrambled class name to autoload
From: Operating system: ALL PHP version: 5.3.10 Package: *General Issues Bug Type: Bug Bug description:call_user_func sends scrambled class name to autoload Description: I have discovered weird behaviour of call_user_func that breaks class autoloader by providing scrambled class name for example instead of "myObject" it provides "zw87zl18". This event only occurs if you are using custom class autoloader and requesting static method that is not declared as static. Test script: --- //FILE: myObject.php class myObject { public static function method1(){var_dump(__METHOD__);} public function method2(){var_dump(__METHOD__);} } //FILE: index.php ini_set('display_errors', TRUE); function __autoload($className) { include sprintf('%s/%s.php', getcwd(), $className); } call_user_func(array('myObject', 'method1'));//works fine call_user_func(array('myObject', 'method2'));//produce an error Expected result: string(17) "myObject::method1" string(17) "myObject::method2" Actual result: -- string(17) "myObject::method1" Warning: include(/www/zw87zl18.php) [function.include]: failed to open stream: No such file or directory in /www/index.php on line 9 Warning: include() [function.include]: Failed opening '/www/zw87zl18.php' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /www/index.php on line 9 Warning: include(/www/zw87zl18.php) [function.include]: failed to open stream: No such file or directory in /www/index.php on line 9 Warning: include() [function.include]: Failed opening '/www/zw87zl18.php' for inclusion (include_path='.:/usr/share/pear:/usr/share/php') in /www/index.php on line 9 string(17) "myObject::method2" -- Edit bug report at https://bugs.php.net/bug.php?id=61766&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=61766&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=61766&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=61766&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=61766&r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=61766&r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=61766&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=61766&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=61766&r=needscript Try newer version: https://bugs.php.net/fix.php?id=61766&r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=61766&r=support Expected behavior: https://bugs.php.net/fix.php?id=61766&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=61766&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=61766&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=61766&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=61766&r=php4 Daylight Savings:https://bugs.php.net/fix.php?id=61766&r=dst IIS Stability: https://bugs.php.net/fix.php?id=61766&r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=61766&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=61766&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=61766&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=61766&r=mysqlcfg
Bug #52641 [Com]: scrambled class name passed by call_user_func on non existing methods
Edit report at http://bugs.php.net/bug.php?id=52641&edit=1 ID: 52641 Comment by: admin dot windows at gmail dot com Reported by:admin dot windows at gmail dot com Summary:scrambled class name passed by call_user_func on non existing methods Status: Feedback Type: Bug Package:Class/Object related Operating System: Linux PHP Version:5.2.13 Block user comment: N New Comment: Here is output of get_loaded_extensions() on my local system PHP v 5.3.2, WIN 7 64bit. Array ( [0] => Core [1] => com_dotnet [2] => ctype [3] => date [4] => ereg [5] => filter [6] => ftp [7] => hash [8] => iconv [9] => json [10] => session [11] => openssl [12] => pcre [13] => Reflection [14] => standard [15] => SPL [16] => mysqlnd [17] => zlib [18] => libxml [19] => dom [20] => PDO [21] => pdo_sqlite [22] => SimpleXML [23] => xml [24] => cgi-fcgi [25] => bcmath [26] => bz2 [27] => calendar [28] => curl [29] => exif [30] => gd [31] => gettext [32] => imap [33] => ldap [34] => mbstring [35] => mcrypt [36] => mysql [37] => mysqli [38] => pdo_mysql [39] => pdo_pgsql [40] => pgsql [41] => soap [42] => sockets [43] => tidy [44] => tokenizer [45] => xsl [46] => zip [47] => intl [48] => SQLite [49] => xmlreader [50] => xmlwriter [51] => fileinfo [52] => Phar [53] => win32service [54] => oci8 [55] => PDO_OCI [56] => xmlrpc [57] => Zend Data Cache [58] => Zend Job Queue [59] => Zend Session Clustering [60] => Zend Utils [61] => Zend Optimizer+ [62] => Zend Code Tracing [63] => Zend Monitor [64] => Zend Debugger [65] => Zend Monitor UI ) One of my hosting with version 5.2.11, Cent OS Array ( [0] => date [1] => libxml [2] => openssl [3] => pcre [4] => zlib [5] => bcmath [6] => calendar [7] => ctype [8] => curl [9] => dom [10] => hash [11] => filter [12] => ftp [13] => gd [14] => gettext [15] => gmp [16] => session [17] => iconv [18] => standard [19] => json [20] => ldap [21] => mbstring [22] => mcrypt [23] => mhash [24] => ming [25] => mysql [26] => SimpleXML [27] => pgsql [28] => posix [29] => pspell [30] => Reflection [31] => imap [32] => SPL [33] => mysqli [34] => soap [35] => SQLite [36] => exif [37] => tidy [38] => tokenizer [39] => xml [40] => xmlreader [41] => xmlrpc [42] => xmlwriter [43] => xsl [44] => zip [45] => cgi-fcgi [46] => mailparse [47] => memcache [48] => PDO [49] => pdo_mysql [50] => pdo_pgsql [51] => pdo_sqlite [52] => uploadprogress [53] => ionCube Loader [54] => Zend Optimizer ) As you can see this behaviour was reproduced on 5.2.11, 5.2.13, 5.3.2 versions of php For reference you can see this event live here: http://ajaxtech.webfactional.com/test.php Previous Comments: [2010-08-20 08:04:26] ahar...@php.net I've gone back as far as 5.2.11 and I can't reproduce this either -- every version I've tested gives the same (valid) warning as Felipe got. What does "php -m" output? (If you don't have CLI access, then the output of var_dump(get_loaded_extensions()) would suffice.) [2010-08-19 04:27:33] admin dot windows at gmail dot com I don't have 5.2.14 installed on my hosting to confirm that it works on this version. However I have uploaded this script on other hosting accounts that with 5.2.11 and 5.2.13 version installed. [2010-08-19 04:08:23] fel...@php.net Hi, I am using 5.2 SVN. (PHP 5.2.14RC4-dev (cli) (built: Jul 31 2010 13:23:04) (DEBUG)) [2010-08-19 04:05:24] admin dot windows at gmail dot com Hi Felipe, you are probably using version >=5.3. This bug related to version below 5.3 and it was reproduced on server running 5.2.13
Bug #52641 [Opn]: scrambled class name passed by call_user_func on non existing methods
Edit report at http://bugs.php.net/bug.php?id=52641&edit=1 ID: 52641 User updated by:admin dot windows at gmail dot com Reported by:admin dot windows at gmail dot com Summary:scrambled class name passed by call_user_func on non existing methods Status: Open Type: Bug Package:Class/Object related -Operating System: ALL +Operating System: Linux -PHP Version:5.2.14 +PHP Version:5.2.13 Block user comment: N New Comment: I don't have 5.2.14 installed on my hosting to confirm that it works on this version. However I have uploaded this script on other hosting accounts that with 5.2.11 and 5.2.13 version installed. Previous Comments: [2010-08-19 04:08:23] fel...@php.net Hi, I am using 5.2 SVN. (PHP 5.2.14RC4-dev (cli) (built: Jul 31 2010 13:23:04) (DEBUG)) [2010-08-19 04:05:24] admin dot windows at gmail dot com Hi Felipe, you are probably using version >=5.3. This bug related to version below 5.3 and it was reproduced on server running 5.2.13 [2010-08-19 03:56:22] fel...@php.net I cannot reproduce this. I got the message "Warning: call_user_func(experimental::non_existing_method): First argument is expected to be a valid callback" [2010-08-19 03:27:39] admin dot windows at gmail dot com Description: I have discovered weird call_user_func behaviour while calling non existing method of the class. Instead of throwing some type of warning it tries to call non existing class with scrambled name. Test script: --- %s',print_r(debug_backtrace(),true)); } call_user_func(array('experimental','non_existing_method')); ?> Expected result: some king of warning or error Actual result: -- Array ( [0] => Array ( [function] => __autoload [args] => Array ( [0] => zybplbn6ps6m ) ) [1] => Array ( [file] => /www/test.php [line] => 13 [function] => call_user_func [args] => Array ( [0] => Array ( [0] => experimental [1] => non_existing_method ) ) ) ) -- Edit this bug report at http://bugs.php.net/bug.php?id=52641&edit=1
Bug #52641 [Com]: scrambled class name passed by call_user_func on non existing methods
Edit report at http://bugs.php.net/bug.php?id=52641&edit=1 ID: 52641 Comment by: admin dot windows at gmail dot com Reported by:admin dot windows at gmail dot com Summary:scrambled class name passed by call_user_func on non existing methods Status: Open Type: Bug Package:Class/Object related Operating System: ALL PHP Version:5.2.14 Block user comment: N New Comment: Hi Felipe, you are probably using version >=5.3. This bug related to version below 5.3 and it was reproduced on server running 5.2.13 Previous Comments: [2010-08-19 03:56:22] fel...@php.net I cannot reproduce this. I got the message "Warning: call_user_func(experimental::non_existing_method): First argument is expected to be a valid callback" [2010-08-19 03:27:39] admin dot windows at gmail dot com Description: I have discovered weird call_user_func behaviour while calling non existing method of the class. Instead of throwing some type of warning it tries to call non existing class with scrambled name. Test script: --- %s',print_r(debug_backtrace(),true)); } call_user_func(array('experimental','non_existing_method')); ?> Expected result: some king of warning or error Actual result: -- Array ( [0] => Array ( [function] => __autoload [args] => Array ( [0] => zybplbn6ps6m ) ) [1] => Array ( [file] => /www/test.php [line] => 13 [function] => call_user_func [args] => Array ( [0] => Array ( [0] => experimental [1] => non_existing_method ) ) ) ) -- Edit this bug report at http://bugs.php.net/bug.php?id=52641&edit=1
[PHP-BUG] Bug #52641 [NEW]: scrambled class name passed by call_user_func on non existing methods
From: Operating system: ALL PHP version: 5.2.14 Package: Class/Object related Bug Type: Bug Bug description:scrambled class name passed by call_user_func on non existing methods Description: I have discovered weird call_user_func behaviour while calling non existing method of the class. Instead of throwing some type of warning it tries to call non existing class with scrambled name. Test script: --- %s',print_r(debug_backtrace(),true)); } call_user_func(array('experimental','non_existing_method')); ?> Expected result: some king of warning or error Actual result: -- Array ( [0] => Array ( [function] => __autoload [args] => Array ( [0] => zybplbn6ps6m ) ) [1] => Array ( [file] => /www/test.php [line] => 13 [function] => call_user_func [args] => Array ( [0] => Array ( [0] => experimental [1] => non_existing_method ) ) ) ) -- Edit bug report at http://bugs.php.net/bug.php?id=52641&edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=52641&r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=52641&r=trysnapshot53 Try a snapshot (trunk): http://bugs.php.net/fix.php?id=52641&r=trysnapshottrunk Fixed in SVN: http://bugs.php.net/fix.php?id=52641&r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=52641&r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=52641&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=52641&r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=52641&r=needscript Try newer version: http://bugs.php.net/fix.php?id=52641&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=52641&r=support Expected behavior: http://bugs.php.net/fix.php?id=52641&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=52641&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=52641&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=52641&r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=52641&r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=52641&r=dst IIS Stability: http://bugs.php.net/fix.php?id=52641&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=52641&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=52641&r=float No Zend Extensions: http://bugs.php.net/fix.php?id=52641&r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=52641&r=mysqlcfg