#50854 [NEW]: DWORD and TSRMLS_DC undefined in php.h
From: spam04 at pornel dot net Operating system: Mac OS X 10.6.2 PHP version: 5.3SVN-2010-01-27 (snap) PHP Bug Type: Compile Failure Bug description: DWORD and TSRMLS_DC undefined in php.h Description: Compile fails on: PHPAPI void php_win32_docref2_from_error(DWORD error, const char *param1, const char *param2 TSRMLS_DC); Expected result: It seems like win32-specific thing that shouldn't be compiled on OS X. -- Edit bug report at http://bugs.php.net/?id=50854edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=50854r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=50854r=trysnapshot53 Try a snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=50854r=trysnapshot60 Fixed in SVN: http://bugs.php.net/fix.php?id=50854r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=50854r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=50854r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=50854r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=50854r=needscript Try newer version: http://bugs.php.net/fix.php?id=50854r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=50854r=support Expected behavior: http://bugs.php.net/fix.php?id=50854r=notwrong Not enough info: http://bugs.php.net/fix.php?id=50854r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=50854r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=50854r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=50854r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=50854r=dst IIS Stability: http://bugs.php.net/fix.php?id=50854r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=50854r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=50854r=float No Zend Extensions: http://bugs.php.net/fix.php?id=50854r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=50854r=mysqlcfg
#50541 [NEW]: Missing HEADER definition
From: spam04 at pornel dot net Operating system: Mac OS X 10.5 PHP version: 5.3SVN-2009-12-21 (snap) PHP Bug Type: Compile Failure Bug description: Missing HEADER definition Description: This is regression due to Bug #50508 Reverting this change: http://svn.php.net/viewvc/?view=revisionrevision=292283 fixes the problem on Mac OS X. Actual result: -- /tmp/php5.3-200912211130/ext/standard/dns.c:302: error: syntax error before #8216;HEADER#8217; /tmp/php5.3-200912211130/ext/standard/dns.c:302: warning: no semicolon at end of struct or union /tmp/php5.3-200912211130/ext/standard/dns.c:304: error: syntax error before #8216;}#8217; token -- Edit bug report at http://bugs.php.net/?id=50541edit=1 -- Try a snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=50541r=trysnapshot52 Try a snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=50541r=trysnapshot53 Try a snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=50541r=trysnapshot60 Fixed in SVN: http://bugs.php.net/fix.php?id=50541r=fixed Fixed in SVN and need be documented: http://bugs.php.net/fix.php?id=50541r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=50541r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=50541r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=50541r=needscript Try newer version: http://bugs.php.net/fix.php?id=50541r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=50541r=support Expected behavior: http://bugs.php.net/fix.php?id=50541r=notwrong Not enough info: http://bugs.php.net/fix.php?id=50541r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=50541r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=50541r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=50541r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=50541r=dst IIS Stability: http://bugs.php.net/fix.php?id=50541r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=50541r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=50541r=float No Zend Extensions: http://bugs.php.net/fix.php?id=50541r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=50541r=mysqlcfg
#50541 [Bgs]: Missing HEADER definition
ID: 50541 User updated by: spam04 at pornel dot net Reported By: spam04 at pornel dot net Status: Bogus Bug Type: Compile Failure Operating System: Mac OS X 10.5 PHP Version: 5.3SVN-2009-12-21 (snap) New Comment: Can you tell me bug # of the duplicate? If you mean Bug #50508, then that bug is closed as fixed (it's not fixed) and does not allow any comments, which I why I had to submit another bug. Previous Comments: [2009-12-21 14:00:51] j...@php.net Please do not submit the same bug more than once. An existing bug report already describes this very problem. Even if you feel that your issue is somewhat different, the resolution is likely to be the same. Thank you for your interest in PHP. Comment in the other bug. [2009-12-21 12:27:38] spam04 at pornel dot net Description: This is regression due to Bug #50508 Reverting this change: http://svn.php.net/viewvc/?view=revisionrevision=292283 fixes the problem on Mac OS X. Actual result: -- /tmp/php5.3-200912211130/ext/standard/dns.c:302: error: syntax error before #8216;HEADER#8217; /tmp/php5.3-200912211130/ext/standard/dns.c:302: warning: no semicolon at end of struct or union /tmp/php5.3-200912211130/ext/standard/dns.c:304: error: syntax error before #8216;}#8217; token -- Edit this bug report at http://bugs.php.net/?id=50541edit=1
#50146 [NEW]: property_exists: Closure object cannot have properties
From: spam04 at pornel dot net
Operating system: *
PHP version: 5.3SVN-2009-11-11 (snap)
PHP Bug Type: Reflection related
Bug description: property_exists: Closure object cannot have properties
Description:
property_exists() rejects closures with Closure object cannot have
properties rather than simply always returning false.
Since closures pass is_object() test, it's hard to avoid this error
without testing for instanceof Closure as well, which is discouraged in
the docs.
Reproduce code:
---
$obj = function(){}
is_object($obj) property_exists($obj,'foo');
Expected result:
false
(either they should not be considered objects, or property_exists should
accept any object).
Actual result:
--
Closure object cannot have properties
--
Edit bug report at http://bugs.php.net/?id=50146edit=1
--
Try a snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=50146r=trysnapshot52
Try a snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=50146r=trysnapshot53
Try a snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=50146r=trysnapshot60
Fixed in SVN:
http://bugs.php.net/fix.php?id=50146r=fixed
Fixed in SVN and need be documented:
http://bugs.php.net/fix.php?id=50146r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=50146r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=50146r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=50146r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=50146r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=50146r=support
Expected behavior:
http://bugs.php.net/fix.php?id=50146r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=50146r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=50146r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=50146r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=50146r=php4
Daylight Savings:http://bugs.php.net/fix.php?id=50146r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=50146r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=50146r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=50146r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=50146r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=50146r=mysqlcfg
#47915 [NEW]: Support apos entity in html_entity_decode
From: spam04 at pornel dot net Operating system: * PHP version: 5.2CVS-2009-04-07 (snap) PHP Bug Type: Feature/Change Request Bug description: Support apos entity in html_entity_decode Description: XML/XHTML entity apos; is not supported by html_entity_decode(). I understand it's supposed to be for HTML decoding, but it would be nice to extend this function to support XHTML entities as well. Reproduce code: --- html_entity_decode(apos;,ENT_QUOTES); Expected result: ' Actual result: -- apos; -- Edit bug report at http://bugs.php.net/?id=47915edit=1 -- Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=47915r=trysnapshot52 Try a CVS snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=47915r=trysnapshot53 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=47915r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=47915r=fixedcvs Fixed in CVS and need be documented: http://bugs.php.net/fix.php?id=47915r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=47915r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=47915r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=47915r=needscript Try newer version: http://bugs.php.net/fix.php?id=47915r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=47915r=support Expected behavior: http://bugs.php.net/fix.php?id=47915r=notwrong Not enough info: http://bugs.php.net/fix.php?id=47915r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=47915r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=47915r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=47915r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=47915r=dst IIS Stability: http://bugs.php.net/fix.php?id=47915r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=47915r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=47915r=float No Zend Extensions: http://bugs.php.net/fix.php?id=47915r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=47915r=mysqlcfg
#47796 [NEW]: preg_replace /e modifier allows unexpected code execution
From: spam04 at pornel dot net
Operating system: *
PHP version: 5.2.9
PHP Bug Type: PCRE related
Bug description: preg_replace /e modifier allows unexpected code execution
Description:
preg_replace does not escape $ character. If double quotes are used in
replacement code, this enables unwanted injection of variables or even
execution of PHP code.
My suggestion is to escape $ character and discourage use of single
quotes in replacement code (because they're not compatible with the way
$ and are escaped).
Reproduce code:
---
// simple case:
preg_replace('/.*/e','strtoupper($0)', '$foo');
// code execution:
class test
{
function pwnd() {echo pwnd!\n;}
function replace($str)
{
preg_replace('/.*/e','strtoupper($0)', $str);
}
}
$t = new test();
$t-replace('{$this-pwnd()}');
Expected result:
$FOO
{$THIS-PWND()}
Actual result:
--
PHP Notice: Undefined variable: foo
pwnd!
--
Edit bug report at http://bugs.php.net/?id=47796edit=1
--
Try a CVS snapshot (PHP 5.2):
http://bugs.php.net/fix.php?id=47796r=trysnapshot52
Try a CVS snapshot (PHP 5.3):
http://bugs.php.net/fix.php?id=47796r=trysnapshot53
Try a CVS snapshot (PHP 6.0):
http://bugs.php.net/fix.php?id=47796r=trysnapshot60
Fixed in CVS:
http://bugs.php.net/fix.php?id=47796r=fixedcvs
Fixed in CVS and need be documented:
http://bugs.php.net/fix.php?id=47796r=needdocs
Fixed in release:
http://bugs.php.net/fix.php?id=47796r=alreadyfixed
Need backtrace:
http://bugs.php.net/fix.php?id=47796r=needtrace
Need Reproduce Script:
http://bugs.php.net/fix.php?id=47796r=needscript
Try newer version:
http://bugs.php.net/fix.php?id=47796r=oldversion
Not developer issue:
http://bugs.php.net/fix.php?id=47796r=support
Expected behavior:
http://bugs.php.net/fix.php?id=47796r=notwrong
Not enough info:
http://bugs.php.net/fix.php?id=47796r=notenoughinfo
Submitted twice:
http://bugs.php.net/fix.php?id=47796r=submittedtwice
register_globals:
http://bugs.php.net/fix.php?id=47796r=globals
PHP 4 support discontinued: http://bugs.php.net/fix.php?id=47796r=php4
Daylight Savings:http://bugs.php.net/fix.php?id=47796r=dst
IIS Stability:
http://bugs.php.net/fix.php?id=47796r=isapi
Install GNU Sed:
http://bugs.php.net/fix.php?id=47796r=gnused
Floating point limitations:
http://bugs.php.net/fix.php?id=47796r=float
No Zend Extensions:
http://bugs.php.net/fix.php?id=47796r=nozend
MySQL Configuration Error:
http://bugs.php.net/fix.php?id=47796r=mysqlcfg
#47796 [Opn]: preg_replace /e modifier allows unexpected code execution
ID: 47796
User updated by: spam04 at pornel dot net
Reported By: spam04 at pornel dot net
Status: Open
Bug Type: PCRE related
Operating System: *
PHP Version: 5.2.9
New Comment:
I forgot to add echo before preg_replace() in reproduce code.
Previous Comments:
[2009-03-26 22:36:08] spam04 at pornel dot net
Description:
preg_replace does not escape $ character. If double quotes are used in
replacement code, this enables unwanted injection of variables or even
execution of PHP code.
My suggestion is to escape $ character and discourage use of single
quotes in replacement code (because they're not compatible with the way
$ and are escaped).
Reproduce code:
---
// simple case:
preg_replace('/.*/e','strtoupper($0)', '$foo');
// code execution:
class test
{
function pwnd() {echo pwnd!\n;}
function replace($str)
{
preg_replace('/.*/e','strtoupper($0)', $str);
}
}
$t = new test();
$t-replace('{$this-pwnd()}');
Expected result:
$FOO
{$THIS-PWND()}
Actual result:
--
PHP Notice: Undefined variable: foo
pwnd!
--
Edit this bug report at http://bugs.php.net/?id=47796edit=1
#46457 [Fbk-Csd]: PDO+MySQL 5.1 gets empty username if password is empty
ID: 46457
User updated by: spam04 at pornel dot net
Reported By: spam04 at pornel dot net
-Status: Feedback
+Status: Closed
Bug Type: PDO related
Operating System: Mac OS X 10.5.5
PHP Version: 5.3CVS-2008-11-01 (snap)
Assigned To: mysql
New Comment:
I can't reproduce this anymore either, so this must have been some
weird glitch.
Thanks for looking into it.
Previous Comments:
[2008-11-17 17:14:13] [EMAIL PROTECTED]
I can't reproduce, I assume it's an issue within the server or
libmysql. Would the empty password be correct or is it just lost for the
error message?
Could you also try changing pdo_mysql_handle_factory() in
ext/pdo_mysql/mysql_driver.c so that
if (mysql_real_connect(H-server, host, dbh-username,
dbh-password, dbname, port, unix_socket, connect_opts) == NULL) {
pdo_mysql_error(dbh);
goto cleanup;
}
reads something like (adding a php_printf() call)
if (mysql_real_connect(H-server, host, dbh-username,
dbh-password, dbname, port, unix_socket, connect_opts) == NULL) {
php_printf(User: %s, dbh-username);
pdo_mysql_error(dbh);
goto cleanup;
}
and then recompile PHP?
The username is then printed in case of an error so we can verify it
isn't lost. If that username is correct it's a MySQL issue, else I'd
have to do further investigation on PHP side.
[2008-11-01 18:11:06] spam04 at pornel dot net
(fixed summary)
[2008-11-01 18:10:18] spam04 at pornel dot net
Description:
When connecting to MySQL 5.1 (mysql-5.1.29-rc-osx10.5-x86_64 to be
exact) with empty password in PDO::__construct(), MySQL receives empty
username.
Seems like bug #43493 (I've tried on snapshot from 10 minutes ago, so
it's not fixed in CVS, at least not for MySQL)
Actual result:
--
new PDO(mysql:dbname=database,username,'');
results in:
SQLSTATE[42000] [1044] Access denied for user ''@'localhost' to
database 'database'
Note that MySQL got empty username.
However:
$dest_db = new PDO(mysql:dbname=database,username,'password');
gives expected error:
SQLSTATE[28000] [1045] Access denied for user 'username'@'localhost'
(using password: YES)
--
Edit this bug report at http://bugs.php.net/?id=46457edit=1
#46457 [NEW]: PDO+MySQL 5.1 gets empty username wrong if password is empty
From: spam04 at pornel dot net Operating system: Mac OS X 10.5.5 PHP version: 5.3CVS-2008-11-01 (snap) PHP Bug Type: PDO related Bug description: PDO+MySQL 5.1 gets empty username wrong if password is empty Description: When connecting to MySQL 5.1 (mysql-5.1.29-rc-osx10.5-x86_64 to be exact) with empty password in PDO::__construct(), MySQL receives empty username. Seems like bug #43493 (I've tried on snapshot from 10 minutes ago, so it's not fixed in CVS, at least not for MySQL) Actual result: -- new PDO(mysql:dbname=database,username,''); results in: SQLSTATE[42000] [1044] Access denied for user ''@'localhost' to database 'database' Note that MySQL got empty username. However: $dest_db = new PDO(mysql:dbname=database,username,'password'); gives expected error: SQLSTATE[28000] [1045] Access denied for user 'username'@'localhost' (using password: YES) -- Edit bug report at http://bugs.php.net/?id=46457edit=1 -- Try a CVS snapshot (PHP 5.2): http://bugs.php.net/fix.php?id=46457r=trysnapshot52 Try a CVS snapshot (PHP 5.3): http://bugs.php.net/fix.php?id=46457r=trysnapshot53 Try a CVS snapshot (PHP 6.0): http://bugs.php.net/fix.php?id=46457r=trysnapshot60 Fixed in CVS: http://bugs.php.net/fix.php?id=46457r=fixedcvs Fixed in CVS and need be documented: http://bugs.php.net/fix.php?id=46457r=needdocs Fixed in release: http://bugs.php.net/fix.php?id=46457r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=46457r=needtrace Need Reproduce Script: http://bugs.php.net/fix.php?id=46457r=needscript Try newer version: http://bugs.php.net/fix.php?id=46457r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=46457r=support Expected behavior: http://bugs.php.net/fix.php?id=46457r=notwrong Not enough info: http://bugs.php.net/fix.php?id=46457r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=46457r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=46457r=globals PHP 4 support discontinued: http://bugs.php.net/fix.php?id=46457r=php4 Daylight Savings:http://bugs.php.net/fix.php?id=46457r=dst IIS Stability: http://bugs.php.net/fix.php?id=46457r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=46457r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=46457r=float No Zend Extensions: http://bugs.php.net/fix.php?id=46457r=nozend MySQL Configuration Error: http://bugs.php.net/fix.php?id=46457r=mysqlcfg
#46457 [Opn]: PDO+MySQL 5.1 gets empty username if password is empty
ID: 46457 User updated by: spam04 at pornel dot net -Summary: PDO+MySQL 5.1 gets empty username wrong if password is empty Reported By: spam04 at pornel dot net Status: Open Bug Type: PDO related Operating System: Mac OS X 10.5.5 PHP Version: 5.3CVS-2008-11-01 (snap) New Comment: (fixed summary) Previous Comments: [2008-11-01 18:10:18] spam04 at pornel dot net Description: When connecting to MySQL 5.1 (mysql-5.1.29-rc-osx10.5-x86_64 to be exact) with empty password in PDO::__construct(), MySQL receives empty username. Seems like bug #43493 (I've tried on snapshot from 10 minutes ago, so it's not fixed in CVS, at least not for MySQL) Actual result: -- new PDO(mysql:dbname=database,username,''); results in: SQLSTATE[42000] [1044] Access denied for user ''@'localhost' to database 'database' Note that MySQL got empty username. However: $dest_db = new PDO(mysql:dbname=database,username,'password'); gives expected error: SQLSTATE[28000] [1045] Access denied for user 'username'@'localhost' (using password: YES) -- Edit this bug report at http://bugs.php.net/?id=46457edit=1
