sigmasternchen/php-doc-en
1
0
Fork 0
mirror of https://github.com/sigmasternchen/php-doc-en synced 2025-03-16 00:48:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix #39521: DOMDocument::createElement() does not escape its parameters properly

Browse source 
git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@339438 c90b9560-bf6c-de11-be94-00142212c4b1
This commit is contained in:
Christoph Michael Becker 2016-06-21 16:14:05 +00:00
parent dd7e785144
commit 3e78b76ce4
1 changed files with 29 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
reference/dom/domdocument/createelement.xml
View file

@ -37,6 +37,12 @@
The value can also be set later with <link
linkend="domnode.props.nodevalue">DOMElement::$nodeValue</link>.
</para>
<para>
The value is used verbatim except that the &lt; and &gt; entity
references will escaped. Note that &amp; has to be manually escaped;
otherwise it is regarded as starting an entity reference. Also " won't be
escaped.
</para>
</listitem>
</varlistentry>
</variablelist>
@ -89,6 +95,29 @@ echo $dom->saveXML();
<![CDATA[
<?xml version="1.0" encoding="utf-8"?>
<test>This is the root element!</test>
]]>
</screen>
</example>
</para>
<para>
<example>
<title>Passing text containing an unescaped &amp; as <parameter>value</parameter></title>
<programlisting role="php">
<![CDATA[
<?php
$dom = new DOMDocument('1.0', 'utf-8');
$element = $dom->createElement('foo', 'me & you');
$dom->appendChild($element);
echo $dom->saveXML();
?>
]]>
</programlisting>
&example.outputs.similar;
<screen>
<![CDATA[
Warning: DOMDocument::createElement(): unterminated entity reference you in /in/BjTCg on line 4
<?xml version="1.0" encoding="utf-8"?>
<foo/>
]]>
</screen>
</example>