[PHP-DEV] PHP 4.0 Bug #8071 Updated: quotes being added with readfile() From: sniper <email protected>
Date: 01/30/01

ID: 8071
Updated by: sniper
Reported By: phil <email protected>
Old-Status: Feedback
Status: Closed
Bug Type: *Session related
Assigned To:
Comments:

This should be fixed in PHP 4.0.4pl1 (or at least in the
latest CVS, try a snapshot from http://snaps.php.net/ )

--Jani

Previous Comments:
---------------------------------------------------------------------------

[2000-12-11 10:35:48] stas <email protected>
The user is using trans-sid feature.

Could you please give example of any file where it happens?

---------------------------------------------------------------------------

[2000-12-11 05:41:11] stas <email protected>
Do you use trans-sid feature?

---------------------------------------------------------------------------

[2000-12-01 16:34:52] phil <email protected>
PHP seems to be adding quotes after "=" (equal signs) when putting a binary file through to the browser via readfile().

A snippet of the code doing this:

                // Send the file. Note that PHP automatically sends the
                // private cache directives as this is part of a session.
                $size = filesize("$xferdir->path/$dload");
                header("Content-Type: $type");
                header("Content-Length: $size");
                // detect any gzip'd files and set the content encoding
                // header accordingly
                if (preg_match('/.gz$/', $file))
                        header ("Content-Encoding: gzip");
                // disable magic quotes so they don't interfere with the
                // file being sent.
// if (get_magic_quotes_runtime())
                        set_magic_quotes_runtime(0);
                // dump the file to the browser
                if (readfile("$xferdir->path/$dload") == $size) {
                        // if the file is fully downloaded
                        // add a line to the sslxfer log
                        log_xfer("$xferdir->path/$dload", "down");
                }

The script is called as "dload.php/<filename>" and then sends the given file to the user. I'll check with our legal dept (blech) on Monday and see if I can make the original and modified files available.

---------------------------------------------------------------------------

Full Bug description available at: http://bugs.php.net/?id=8071 

-- 
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: php-dev-unsubscribe <email protected>
For additional commands, e-mail: php-dev-help <email protected>
To contact the list administrators, e-mail: php-list-admin <email protected>