Skip to content

Instantly share code, notes, and snippets.

@convenient
Last active October 22, 2016 18:19
Show Gist options
  • Save convenient/5af567eae7090ed333c6cd366e77d357 to your computer and use it in GitHub Desktop.
Save convenient/5af567eae7090ed333c6cd366e77d357 to your computer and use it in GitHub Desktop.
php-fpm libxml_disable_entity_loader
<?php
error_reporting( error_reporting() & ~E_NOTICE & ~E_WARNING);
/**
* @param SimpleXMLElement|bool $element
* @return string
*/
function loadedOkay($element)
{
if ($element === true) {
return 'pass';
}
if ($element instanceof SimpleXMLElement && strpos($element->asXML(), '<very>convenient</very>') !== false) {
return 'pass';
}
return 'fail';
}
$path = __DIR__ . '/sample.xml';
echo "libxml_disable_entity_loader = true" . PHP_EOL;
libxml_disable_entity_loader(true);
echo "simplexml_load_file:\t" . loadedOkay(simplexml_load_file($path)) . PHP_EOL;
echo "simplexml_load_string:\t" . loadedOkay(simplexml_load_string(file_get_contents($path))) . PHP_EOL;
$xml = new XMLReader();
echo "XMLReader open:\t\t\t" . loadedOkay($xml->open($path)) . PHP_EOL;
echo PHP_EOL;
echo "libxml_disable_entity_loader = false" . PHP_EOL;
libxml_disable_entity_loader(false);
echo "simplexml_load_file:\t" . loadedOkay(simplexml_load_file($path)) . PHP_EOL;
echo "simplexml_load_string:\t" . loadedOkay(simplexml_load_string(file_get_contents($path))) . PHP_EOL;
$xml = new XMLReader();
echo "XMLReader open:\t\t\t" . loadedOkay($xml->open($path)) . PHP_EOL;
libxml_disable_entity_loader = true
simplexml_load_file:	fail
simplexml_load_string:	pass
XMLReader open:			fail

libxml_disable_entity_loader = false
simplexml_load_file:	pass
simplexml_load_string:	pass
XMLReader open:			pass
<very>convenient</very>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment