parse_url fails if passing '@' in passwd

Bug #38859	parse_url fails if passing '@' in passwd
Submitted:	2006-09-17 10:54 UTC	Modified:	2006-09-28 15:16 UTC
From:	schappy at mail dot ru	Assigned:	iliaa (profile)
Status:	Closed	Package:	URL related
PHP Version:	4.4.4	OS:	all
Private report:	No	CVE-ID:	None

[2006-09-17 10:54 UTC] schappy at mail dot ru

Description:
------------
If you specify a username/password containing a '@'-sign the parse_url will not decode the password correctly.

See example below.

While parsing the string, it should be used the last index of '@' to find the hostname instead of the first occurence.

Reproduce code:
---------------
<?php
$url = 'http://user:@pass@host/path?argument?value#etc';

print_r(parse_url($url));
?>

Array
(
    [scheme] => http
    [host] => pass@host
    [user] => user
    [path] => /path
    [query] => argument?value
    [fragment] => etc
)

Expected result:
----------------
<?php
$url = 'http://user:@pass@host/path?argument?value#etc';

print_r(parse_url($url));
?>

Array
(
    [scheme] => http
    [pass] => @pass
    [host] => host
    [user] => user
    [path] => /path
    [query] => argument?value
    [fragment] => etc
)

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2006-09-28 15:16 UTC] iliaa@php.net

This bug has been fixed in CVS.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.
 
Thank you for the report, and for helping us make PHP better.