ID: 42718 Updated by: [EMAIL PROTECTED] Reported By: arnaud dot lb at gmail dot com Status: Open Bug Type: Filter related Operating System: * PHP Version: 5CVS-2008-11-01 Assigned To: pajoye New Comment:
Yes, revert was the best option for now. I will dig into it on Monday and re read the discussions about that (there was some discussions about this whole thing when we added filter to core). Previous Comments: ------------------------------------------------------------------------ [2008-12-06 19:17:09] [EMAIL PROTECTED] > That's wrong This is exactly what you said one year ago, just before it was demonstrated that FILTER_UNSAFE_RAW actually does something (according to documentation, code, and examples), and the bug has been assigned to you. That said, I'm not rejecting the fault on anyone, and the important is to revert, which is done. ------------------------------------------------------------------------ [2008-12-06 18:25:20] [EMAIL PROTECTED] ooch. I did not catch in this bug before, but there is a major misunderstanding in the first comment. "The unsafe_raw filter does nothing by default, but it can "optionally strip or encode special characters", and it is the only filter which is able to do that without doing any other filtering." That's wrong. UNSAFE_RAW, the key word here is RAW. It means that the data is returned unfiltered, without flag, nothing, nada. If this behavior has been changed then please revert it. I did not check if it is present in 5.2.7 (it seems to be, as said in this report or another), that may require a quick fix release (Ilia?). ------------------------------------------------------------------------ [2008-12-06 17:52:37] [EMAIL PROTECTED] All my apologizes for this broken fix. A quick workaround for 5.2.7 users is to add the following in the php.ini: filter.default_flags=0 Scott has reverted this and this bug is not present in CVS. ------------------------------------------------------------------------ [2008-12-06 17:32:55] [EMAIL PROTECTED] This is a proposed fix for this bug that will keep old behavior. Another fix could be simply to test IF_G(default_filter_flags) against FILTER_FLAG_NO_ENCODE_QUOTES instead of 0. http://ookoo.org/svn/snip/php_5_2-broken_filter_and_magic_quotes.patch ------------------------------------------------------------------------ [2008-12-06 17:18:40] [EMAIL PROTECTED] Reopening, this patch broke magic_quotes_gpc and has been backed out. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/42718 -- Edit this bug report at http://bugs.php.net/?id=42718&edit=1
