ID: 31237 User updated by: amcclimo at chariot dot net dot au Reported By: amcclimo at chariot dot net dot au -Status: Open +Status: Bogus Bug Type: MySQL related Operating System: OSX PHP Version: 5.0.1 New Comment:
This incorrect output is an effect of the rendering of gecko based (mozilla/firefox) browsers, the raw data coming from the webserver is correct. Previous Comments: ------------------------------------------------------------------------ [2004-12-22 00:58:29] amcclimo at chariot dot net dot au Description: ------------ mysql_real_escape_string incorrectly escapes string such as: <span style="color: #000000;"> The last double quote isn't properly escaped, the escape character is added, but the double quote is dropped: <span style=\"color: #000000;\> The reason for it failing to quote this is the space between the : and the # ... if you remove the space, the correct escaped string is returned: <span style=\"color: #000000;\"> Reproduce code: --------------- <? $link = mysql_connect($server, $user, $pass); $item = '<span style="color: #000000;">'; $escaped = mysql_real_escape_string($item); print "<pre>\n"; print "String : ".$item."\n"; print "Escaped: ".$escaped."\n"; print "</pre>"; ?> Expected result: ---------------- The expected escaped string is: <span style=\"color: #000000;\"> Actual result: -------------- The actual escaped string is: <span style=\"color: #000000;\> ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=31237&edit=1