|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2006-05-26 22:07 UTC] helly@php.net
[2006-06-03 01:00 UTC] php-bugs at lists dot php dot net
[2008-03-19 13:36 UTC] php at nineberry dot de
[2008-03-22 22:26 UTC] johannes@php.net
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2024 The PHP GroupAll rights reserved. |
Last updated: Thu Apr 25 00:01:41 2024 UTC |
Description: ------------ When assigning values to node parameters, entities are not escaped, however when reading values, the entities are replaced by their meaning. i.e. assigning and reading behave assymetric. Suggestion: Add escaping of values that are assigned. Kind of workaround: Use htmlspecialchars() manually on values before assigning. (This workaround will not work for ') Reproduce code: --------------- <?php $rawxml = '<root par="F" />'; $test = 'A " B'; $rr = simplexml_load_string($rawxml); header("Content-Type: text/plain"); echo($rr["par"]); echo("\n"); echo("\n"); $rr["par"] = $test; echo($rr->asXML()); echo("\n"); echo($rr["par"]); echo("\n"); ?> Expected result: ---------------- F <?xml version="1.0"?> <root par="A "quot; B"/> A " B Actual result: -------------- F <?xml version="1.0"?> <root par="A " B"/> A " B