Re: PHP -r, -a and .php return different results based upon " or ' marks !? [BUG]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 11/06/2010, at 12:49 PM, Daevid Vincent wrote:

> Chew on this...
> 
> developer@mypse:~$ cat ./md5test.php
> #!/usr/bin/php
> <?php
> $password = '12345678';
> echo md5(strtoupper($password));
> echo "\n";
> echo md5(strtoupper('12345678'));
> echo "\n";
> 
> $password = '$12345678';
> echo md5(strtoupper($password));
> echo "\n";
> echo md5(strtoupper('$12345678'));
> echo "\n";
> ?>
> 
> developer@mypse:~$ ./md5test.php
> 25d55ad283aa400af464c76d713c07ad
> 25d55ad283aa400af464c76d713c07ad
> 2d05c0e3d6d22343123eae7f5678e34c
> 2d05c0e3d6d22343123eae7f5678e34c
> 
> developer@mypse:~$ php -r "echo md5(strtoupper('12345678'));"
> 25d55ad283aa400af464c76d713c07ad
> 
> developer@mypse:~$ php -a
> Interactive shell
> php > echo md5(strtoupper('$12345678'));
> 2d05c0e3d6d22343123eae7f5678e34c
> 
> developer@mypse:~$ php -r "echo md5(strtoupper('$12345678'));"
> b3275960d68fda9d831facc0426c3bbc
> 
> Why is the "-r" command line version different?
> 
> man php:
> 
>       Using parameter -r you can directly execute  PHP  code  simply  as
> you
>       would do inside a .php file when using the eval() function.
> 
> developer@mypse:~$ php -v
> PHP 5.2.4-2ubuntu5.10 with Suhosin-Patch 0.9.6.2 (cli) (built: Jan  6 2010
> 22:01:14)
> Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies
> 
> Then I tried it again on two different servers with the same result:
> 
> PHP 5.2.6-2ubuntu4.6 with Suhosin-Patch 0.9.6.2 (cli) (built: Jan  6 2010
> 22:03:33)
> Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies
> 
> PHP 5.3.2-1ubuntu4.2 with Suhosin-Patch (cli) (built: May 13 2010 20:01:00)
> 
> Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
> 
> So now it get's more interesting...
> 
> A co-worker suggested to reverse the quotes:
> 
> developer@mypse:~$ php -r 'echo md5(strtoupper("$12345678"));'
> 2d05c0e3d6d22343123eae7f5678e34c
> 
> Note the use of the single and double quotes are reversed. This gives me
> the RIGHT checksum.
> 
> To me this version is syntactically wrong because the " would indicate in
> normal PHP to pre-parse the literal $12345678 and treat $1 as some kind of
> variable or something. Whereas a ' says use the literal AS IS.
> 
> Not to mention that it is completely confusing that -r gives different
> results than -a and using it in a .php file all together. 
> 
> IF quotes are a factor (as they seem to be), then the -r PHP
> behind-the-scenes code should flip them around or something so the
> developer doesn't have to be concerned with this edge case nonsense. 
> 
> Sanity would dictate that all ways of executing the SAME PHP code would
> give the SAME results.
> 
> *sigh*

It's your shell doing what it's supposed to, by replacing $12345678, when the entire string's in double quotes, with the contents of the shell variable 12345678 (most likely nothing), so all that PHP sees is: echo md5(strtoupper(''));
---
Simon Welsh
Admin of http://simon.geek.nz/

Who said Microsoft never created a bug-free program? The blue screen never, ever crashes!

http://www.thinkgeek.com/brain/gimme.cgi?wid=81d520e5e





-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux