libxml_set_external_entity_loader Changes the default external entity loader &reftitle.description; boollibxml_set_external_entity_loader callablenullresolver_function Changes the default external entity loader. This can be used to suppress the expansion of arbitrary external entities to avoid XXE attacks, even when LIBXML_NOENT has been set for the respective operation, and is usually preferable over calling libxml_disable_entity_loader. &reftitle.parameters; resolver_function A callable with the following signature: resourcestringnullresolver stringpublic_id stringsystem_id arraycontext public_id The public ID. system_id The system ID. context An array with the four elements "directory", "intSubName", "extSubURI" and "extSubSystem". This callable should return a &resource;, a &string; from which a resource can be opened. If &null; is returned, the entity reference resolution will fail. &reftitle.returnvalues; &return.success; &reftitle.examples; bar XML; $dtd = << DTD; libxml_set_external_entity_loader( function ($public, $system, $context) use($dtd) { var_dump($public); var_dump($system); var_dump($context); $f = fopen("php://temp", "r+"); fwrite($f, $dtd); rewind($f); return $f; } ); $dd = new DOMDocument; $r = $dd->loadXML($xml); var_dump($dd->validate()); ?> ]]> &example.outputs; NULL ["intSubName"] => NULL ["extSubURI"] => NULL ["extSubSystem"] => NULL } bool(true) ]]> &reftitle.seealso; libxml_disable_entity_loader