mb_check_encoding

Hi,
I'm having some problems with mb_check_encoding.
When it's invoked without parameters does it check
all the REQUEST variables to see if their values have the same
encoding
as mb_internal_encoding() ? (This is what I understood from the
manual)
As far as I know that doesn't happen.
Here's an example file :
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
     <html>
       <head>
         <title>Help needed</title>
         <meta http-equiv="Content-Type" content=
                 "text/html; charset=utf-8" />
       </head>
       <body>
        <form action="?" method="post">
        <input type="text" name="foo" value="" />
        <input type="submit"  value="submit" />
        </form>
        <?php
mb_internal_encoding("UTF-8");
var_dump($_REQUEST) ;
echo "<p>" ;
if (mb_check_encoding()) {
   echo "request encoding ok" ;
} else {
   echo "request encoding not ok" ;
}
echo "</p>" ;
?>

       </body>
     </html>

If you post the value from your browser, all is ok because the
encoding of the page is recognized by the browser as utf-8 (I think).
But if I call that page with curl simulating an Invalid encoding
attack,
I get the same result(request encoding ok) while I should get request encoding
not ok.
Here's the command I used :
curl  --data-urlencode  $'foo=prov\xef'  
http://localhost/mine/test/encoding.php
Thank you in advance
Bye,
Giacomo

--
PHP Unicode & I18N Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Hi,

mb_check_encoding() without the first parameter is never supposed to
work properly.
I'm thinking of removing this feature.

Regards,
Moriyoshi

On Sat, Mar 21, 2009 at 7:10 AM, Giacomo Mazzocato <gmazzocato@...> wrote:
--
PHP Unicode & I18N Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php