ZF-3004: Default escaper modifies NULL values into empty strings

Issue Type: Bug Created: 2008-03-31T20:12:03.000+0000 Last Updated: 2008-11-15T10:56:05.000+0000 Status: Resolved Fix version(s): - 1.8.0 (30/Apr/09)

Reporter: Eran Galperin (erangalp) Assignee: Benjamin Eberlei (beberlei) Tags: - Zend_Filter_Input

Related issues: Attachments:


When using the Zend_Filter_Input component it is usually in preparation for database insert/update queries. Sometimes it is necessary to pass a NULL value in such a query (for example, to reset a previously set field that is NULL by default). Unfortunately the default escaper, htmlentities, converts NULL values into empty strings which prevents such data from passing a Zend_Filter_Input process.

This could be seen as a PHP bug (why is null converted to empty string?) but as it stands it should be possible to pass null values through a Zend_Filter_Input.

I've created a temporary patch in my local build of the framework (1.5.1)

Zend_Filter_Input.php, line 349:

<pre class="highlight">
protected function _escapeRecursive($data)
            return $data;


Posted by Wil Sinclair (wil) on 2008-04-18T16:58:30.000+0000

Please evaluate and categorize/assign as necessary.

Posted by Benjamin Eberlei (beberlei) on 2008-11-15T10:56:05.000+0000

Fixed in trunk as of r12669

Have you found an issue?

See the Overview section for more details.


© 2006-2018 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.