mirror of
https://github.com/sigmasternchen/php-doc-en
synced 2025-03-15 16:38:54 +00:00
28fe0b00a9
Fixes doc bug #68368 (Insecure example). git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@335165 c90b9560-bf6c-de11-be94-00142212c4b1
352 lines
9 KiB
XML
352 lines
9 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<!-- $Revision$ -->
|
|
<chapter xml:id="xml.examples" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
|
|
&reftitle.examples;
|
|
<section xml:id="example.xml-structure">
|
|
<title>XML Element Structure Example</title>
|
|
<para>
|
|
This first example displays the structure of the start elements in
|
|
a document with indentation.
|
|
<example>
|
|
<title>Show XML Element Structure</title>
|
|
<programlisting role="php">
|
|
<![CDATA[
|
|
<?php
|
|
$file = "data.xml";
|
|
$depth = array();
|
|
|
|
function startElement($parser, $name, $attrs)
|
|
{
|
|
global $depth;
|
|
|
|
if (!isset($depth[$parser])) {
|
|
$depth[$parser] = 0;
|
|
}
|
|
|
|
for ($i = 0; $i < $depth[$parser]; $i++) {
|
|
echo " ";
|
|
}
|
|
echo "$name\n";
|
|
$depth[$parser]++;
|
|
}
|
|
|
|
function endElement($parser, $name)
|
|
{
|
|
global $depth;
|
|
$depth[$parser]--;
|
|
}
|
|
|
|
$xml_parser = xml_parser_create();
|
|
xml_set_element_handler($xml_parser, "startElement", "endElement");
|
|
if (!($fp = fopen($file, "r"))) {
|
|
die("could not open XML input");
|
|
}
|
|
|
|
while ($data = fread($fp, 4096)) {
|
|
if (!xml_parse($xml_parser, $data, feof($fp))) {
|
|
die(sprintf("XML error: %s at line %d",
|
|
xml_error_string(xml_get_error_code($xml_parser)),
|
|
xml_get_current_line_number($xml_parser)));
|
|
}
|
|
}
|
|
xml_parser_free($xml_parser);
|
|
?>
|
|
]]>
|
|
</programlisting>
|
|
</example>
|
|
</para>
|
|
</section>
|
|
|
|
<section xml:id="example.xml-map-tags">
|
|
<title>XML Tag Mapping Example</title>
|
|
<para>
|
|
<example>
|
|
<title>Map XML to HTML</title>
|
|
<para>
|
|
This example maps tags in an XML document directly to HTML
|
|
tags. Elements not found in the "map array" are ignored. Of
|
|
course, this example will only work with a specific XML
|
|
document type.
|
|
</para>
|
|
<programlisting role="php">
|
|
<![CDATA[
|
|
<?php
|
|
$file = "data.xml";
|
|
$map_array = array(
|
|
"BOLD" => "B",
|
|
"EMPHASIS" => "I",
|
|
"LITERAL" => "TT"
|
|
);
|
|
|
|
function startElement($parser, $name, $attrs)
|
|
{
|
|
global $map_array;
|
|
if (isset($map_array[$name])) {
|
|
echo "<$map_array[$name]>";
|
|
}
|
|
}
|
|
|
|
function endElement($parser, $name)
|
|
{
|
|
global $map_array;
|
|
if (isset($map_array[$name])) {
|
|
echo "</$map_array[$name]>";
|
|
}
|
|
}
|
|
|
|
function characterData($parser, $data)
|
|
{
|
|
echo $data;
|
|
}
|
|
|
|
$xml_parser = xml_parser_create();
|
|
// use case-folding so we are sure to find the tag in $map_array
|
|
xml_parser_set_option($xml_parser, XML_OPTION_CASE_FOLDING, true);
|
|
xml_set_element_handler($xml_parser, "startElement", "endElement");
|
|
xml_set_character_data_handler($xml_parser, "characterData");
|
|
if (!($fp = fopen($file, "r"))) {
|
|
die("could not open XML input");
|
|
}
|
|
|
|
while ($data = fread($fp, 4096)) {
|
|
if (!xml_parse($xml_parser, $data, feof($fp))) {
|
|
die(sprintf("XML error: %s at line %d",
|
|
xml_error_string(xml_get_error_code($xml_parser)),
|
|
xml_get_current_line_number($xml_parser)));
|
|
}
|
|
}
|
|
xml_parser_free($xml_parser);
|
|
?>
|
|
]]>
|
|
</programlisting>
|
|
</example>
|
|
</para>
|
|
</section>
|
|
|
|
<section xml:id="example.xml-external-entity">
|
|
<title>XML External Entity Example</title>
|
|
<para>
|
|
This example highlights XML code. It illustrates how to use an
|
|
external entity reference handler to include and parse other
|
|
documents, as well as how PIs can be processed, and a way of
|
|
determining "trust" for PIs containing code.
|
|
</para>
|
|
<para>
|
|
XML documents that can be used for this example are found below
|
|
the example (<filename>xmltest.xml</filename> and
|
|
<filename>xmltest2.xml</filename>.)
|
|
</para>
|
|
<para>
|
|
<example>
|
|
<title>External Entity Example</title>
|
|
<programlisting role="php">
|
|
<![CDATA[
|
|
<?php
|
|
$file = "xmltest.xml";
|
|
|
|
function trustedFile($file)
|
|
{
|
|
// only trust local files owned by ourselves
|
|
if (!preg_match("@^([a-z][a-z0-9+.-]*)\:\/\/@i", $file)
|
|
&& fileowner($file) == getmyuid()) {
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
function startElement($parser, $name, $attribs)
|
|
{
|
|
echo "<<font color=\"#0000cc\">$name</font>";
|
|
if (count($attribs)) {
|
|
foreach ($attribs as $k => $v) {
|
|
echo " <font color=\"#009900\">$k</font>=\"<font
|
|
color=\"#990000\">$v</font>\"";
|
|
}
|
|
}
|
|
echo ">";
|
|
}
|
|
|
|
function endElement($parser, $name)
|
|
{
|
|
echo "</<font color=\"#0000cc\">$name</font>>";
|
|
}
|
|
|
|
function characterData($parser, $data)
|
|
{
|
|
echo "<b>$data</b>";
|
|
}
|
|
|
|
function PIHandler($parser, $target, $data)
|
|
{
|
|
switch (strtolower($target)) {
|
|
case "php":
|
|
global $parser_file;
|
|
// If the parsed document is "trusted", we say it is safe
|
|
// to execute PHP code inside it. If not, display the code
|
|
// instead.
|
|
if (trustedFile($parser_file[$parser])) {
|
|
eval($data);
|
|
} else {
|
|
printf("Untrusted PHP code: <i>%s</i>",
|
|
htmlspecialchars($data));
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
|
|
function defaultHandler($parser, $data)
|
|
{
|
|
if (substr($data, 0, 1) == "&" && substr($data, -1, 1) == ";") {
|
|
printf('<font color="#aa00aa">%s</font>',
|
|
htmlspecialchars($data));
|
|
} else {
|
|
printf('<font size="-1">%s</font>',
|
|
htmlspecialchars($data));
|
|
}
|
|
}
|
|
|
|
function externalEntityRefHandler($parser, $openEntityNames, $base, $systemId,
|
|
$publicId) {
|
|
if ($systemId) {
|
|
if (!list($parser, $fp) = new_xml_parser($systemId)) {
|
|
printf("Could not open entity %s at %s\n", $openEntityNames,
|
|
$systemId);
|
|
return false;
|
|
}
|
|
while ($data = fread($fp, 4096)) {
|
|
if (!xml_parse($parser, $data, feof($fp))) {
|
|
printf("XML error: %s at line %d while parsing entity %s\n",
|
|
xml_error_string(xml_get_error_code($parser)),
|
|
xml_get_current_line_number($parser), $openEntityNames);
|
|
xml_parser_free($parser);
|
|
return false;
|
|
}
|
|
}
|
|
xml_parser_free($parser);
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
function new_xml_parser($file)
|
|
{
|
|
global $parser_file;
|
|
|
|
$xml_parser = xml_parser_create();
|
|
xml_parser_set_option($xml_parser, XML_OPTION_CASE_FOLDING, 1);
|
|
xml_set_element_handler($xml_parser, "startElement", "endElement");
|
|
xml_set_character_data_handler($xml_parser, "characterData");
|
|
xml_set_processing_instruction_handler($xml_parser, "PIHandler");
|
|
xml_set_default_handler($xml_parser, "defaultHandler");
|
|
xml_set_external_entity_ref_handler($xml_parser, "externalEntityRefHandler");
|
|
|
|
if (!($fp = @fopen($file, "r"))) {
|
|
return false;
|
|
}
|
|
if (!is_array($parser_file)) {
|
|
settype($parser_file, "array");
|
|
}
|
|
$parser_file[$xml_parser] = $file;
|
|
return array($xml_parser, $fp);
|
|
}
|
|
|
|
if (!(list($xml_parser, $fp) = new_xml_parser($file))) {
|
|
die("could not open XML input");
|
|
}
|
|
|
|
echo "<pre>";
|
|
while ($data = fread($fp, 4096)) {
|
|
if (!xml_parse($xml_parser, $data, feof($fp))) {
|
|
die(sprintf("XML error: %s at line %d\n",
|
|
xml_error_string(xml_get_error_code($xml_parser)),
|
|
xml_get_current_line_number($xml_parser)));
|
|
}
|
|
}
|
|
echo "</pre>";
|
|
echo "parse complete\n";
|
|
xml_parser_free($xml_parser);
|
|
|
|
?>
|
|
]]>
|
|
</programlisting>
|
|
</example>
|
|
</para>
|
|
<para>
|
|
<example>
|
|
<title>xmltest.xml</title>
|
|
<programlisting role="xml">
|
|
<![CDATA[
|
|
<?xml version='1.0'?>
|
|
<!DOCTYPE chapter SYSTEM "/just/a/test.dtd" [
|
|
<!ENTITY plainEntity "FOO entity">
|
|
<!ENTITY systemEntity SYSTEM "xmltest2.xml">
|
|
]>
|
|
<chapter>
|
|
<TITLE>Title &plainEntity;</TITLE>
|
|
<para>
|
|
<informaltable>
|
|
<tgroup cols="3">
|
|
<tbody>
|
|
<row><entry>a1</entry><entry morerows="1">b1</entry><entry>c1</entry></row>
|
|
<row><entry>a2</entry><entry>c2</entry></row>
|
|
<row><entry>a3</entry><entry>b3</entry><entry>c3</entry></row>
|
|
</tbody>
|
|
</tgroup>
|
|
</informaltable>
|
|
</para>
|
|
&systemEntity;
|
|
<section id="about">
|
|
<title>About this Document</title>
|
|
<para>
|
|
<!-- this is a comment -->
|
|
<?php echo 'Hi! This is PHP version ' . phpversion(); ?>
|
|
</para>
|
|
</section>
|
|
</chapter>
|
|
]]>
|
|
</programlisting>
|
|
</example>
|
|
</para>
|
|
<para>
|
|
This file is included from <filename>xmltest.xml</filename>:
|
|
<example>
|
|
<title>xmltest2.xml</title>
|
|
<programlisting role="xml">
|
|
<![CDATA[
|
|
<?xml version="1.0"?>
|
|
<!DOCTYPE foo [
|
|
<!ENTITY testEnt "test entity">
|
|
]>
|
|
<foo>
|
|
<element attrib="value"/>
|
|
&testEnt;
|
|
<?php echo "This is some more PHP code being executed."; ?>
|
|
</foo>
|
|
]]>
|
|
</programlisting>
|
|
</example>
|
|
</para>
|
|
</section>
|
|
</chapter>
|
|
|
|
<!-- Keep this comment at the end of the file
|
|
Local variables:
|
|
mode: sgml
|
|
sgml-omittag:t
|
|
sgml-shorttag:t
|
|
sgml-minimize-attributes:nil
|
|
sgml-always-quote-attributes:t
|
|
sgml-indent-step:1
|
|
sgml-indent-data:t
|
|
indent-tabs-mode:nil
|
|
sgml-parent-document:nil
|
|
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
|
|
sgml-exposed-tags:nil
|
|
sgml-local-catalogs:nil
|
|
sgml-local-ecat-files:nil
|
|
End:
|
|
vim600: syn=xml fen fdm=syntax fdl=2 si
|
|
vim: et tw=78 syn=sgml
|
|
vi: ts=1 sw=1
|
|
-->
|
|
|