mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-09 19:45:13 +02:00
13 lines
437 B
PHP
13 lines
437 B
PHP
<?php
|
|
// Safe: $_GET['user'] routed through the project-local `escape_xpath` helper
|
|
// before concatenation. The sanitizer clears XPATH_INJECTION so the sink
|
|
// does not fire.
|
|
function escape_xpath($raw) {
|
|
return str_replace(["'", "\""], ["'", """], $raw);
|
|
}
|
|
|
|
$xml = simplexml_load_file("users.xml");
|
|
$user = $_GET['user'];
|
|
$safe = escape_xpath($user);
|
|
$expr = "//user[name='" . $safe . "']";
|
|
$nodes = $xml->xpath($expr);
|