<?php
// Safe: $_GET['user'] routed through the project-local `escape_xpath` helper
// before concatenation. The sanitizer clears XPATH_INJECTION so the sink
// does not fire.
/**
 * Neutralises quote characters in a value that is about to be embedded in a
 * quoted XPath string literal (see the `$expr` built further down this file).
 *
 * Both `'` and `"` are passed through str_replace() so that no raw quote
 * survives into the literal. NOTE(review): as rendered on this page the
 * replacement strings read as `"'"` and `"""` — the first would be an identity
 * replacement and the second is not valid PHP. They look like XML entities
 * (`&apos;` / `&quot;`) that the page decoded; confirm against the repository
 * source, because the "Safe" claim above cannot be verified from this rendering.
 *
 * Caveat for maintainers: even with entity substitution, a name that
 * legitimately contains a quote is altered and will never match. For XPath 1.0
 * the alternatives are to reject values containing quotes or to build the
 * literal with concat(); engines supporting XPath 2.0+ variables can bind the
 * value instead of concatenating it.
 *
 * @param string|string[] $raw  untrusted value; str_replace() also accepts an
 *                              array and then returns an array
 * @return string|string[]
 */
function escape_xpath($raw) {
    return str_replace(["'", "\""], ["'", """], $raw);
}
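// Load the user directory. simplexml_load_file() returns false (with a
// warning) when the file is missing or malformed; calling ->xpath() on false
// would be a fatal Error, so fail closed with an explicit exception instead.
$xml = simplexml_load_file("users.xml");
if ($xml === false) {
    throw new RuntimeException('users.xml could not be loaded');
}

// Untrusted source. A missing key would raise an undefined-index warning, and
// a query such as ?user[]=x makes $_GET['user'] an array, which would reach the
// string concatenation below as the text "Array"; accept only a string.
$user = $_GET['user'] ?? null;
if (!is_string($user)) {
    throw new InvalidArgumentException('user parameter must be a single string');
}

// Sanitizer: neutralises quote characters so the value cannot terminate the
// single-quoted literal in $expr.
$safe = escape_xpath($user);

// The literal is single-quoted; the sanitizer must keep it that way, so the
// quoting here and in escape_xpath() have to be changed together.
$expr = "//user[name='" . $safe . "']";

// Sink: untrusted data reaches the XPath engine only via $safe.
$nodes = $xml->xpath($expr);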