ID: 36795
Updated by: [EMAIL PROTECTED]
Reported By: john at carney dot id dot au
-Status: Open
+Status: Feedback
Bug Type: DOM XML related
Operating System: Windows/Linux
PHP Version: 5.1.2
New Comment:
Thank you for this bug report. To properly diagnose the problem, we
need a short but complete example script to be able to reproduce
this bug ourselves.
A proper reproducing script starts with <?php and ends with ?>,
is max. 10-20 lines long and does not require any external
resources such as databases, etc.
If possible, make the script source available online and provide
an URL to it here. Try to avoid embedding huge scripts into the report.
Also, what version of libxml2 are you using as I am unable to reproduce
this.
Previous Comments:
------------------------------------------------------------------------
[2006-03-20 02:05:23] john at carney dot id dot au
Description:
------------
While it is not specifically mentioned in the documentation,
DOMElement->setAttribute automatically escapes XML special characters
in the value parameter. Yet, as of PHP 5.1.2 it will throw an
"unterminated entity reference" warning if the supplied value contains
an ampersand - even if it is escaped.
As well as fixing the actual bug, the documentation needs to clarify
*exactly* how special characters in the inputs to this and other DOM
functions are treated. If you are going to silently escape input text,
you need to tell people so that they don't end up with stuff being
double-escaped.
Reproduce code:
---------------
$element->setAttribute ("anattr", "jack & jill") ;
$element->setAttribute ("anattr", "jack & jill") ;
Expected result:
----------------
No warnings should be thrown.
Actual result:
--------------
BOTH calls to setAttribute throw an "unterminated entity reference"
warning.
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=36795&edit=1
