Skip to content

Request #64137: XSLTProcessor::setParameter() should allow both quotes to be used #12331

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 4 commits into from
Closed

Request #64137: XSLTProcessor::setParameter() should allow both quotes to be used #12331

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
80bb216
Implement request #64137 (XSLTProcessor::setParameter() should allow …
nielsdos Sep 30, 2023
c3a4e86
Use RETURN_STR_COPY() in xsl
nielsdos Sep 30, 2023
c30c230
Use double quotes
nielsdos Sep 30, 2023
528cbad
null byte handling
nielsdos Sep 30, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions UPGRADING
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,11 @@ PHP 8.4 UPGRADE NOTES
for invalid modes. Previously invalid modes would have been interpreted as
PHP_ROUND_HALF_UP.

- XSL:
. XSLTProcessor::setParameter() will now throw a ValueError when its arguments
contain null bytes. This never actually worked correctly in the first place,
which is why it throws an exception nowadays.

========================================
2. New Features
========================================
Expand Down
5 changes: 3 additions & 2 deletions ext/xsl/tests/bug48221.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,9 @@ $proc->importStylesheet($xsl);
$proc->setParameter('', '', '"\'');
$proc->transformToXml($dom);
?>
--EXPECTF--
Warning: XSLTProcessor::transformToXml(): Cannot create XPath expression (string contains both quote and double-quotes) in %s on line %d
Done
--EXPECT--
Done
--CREDITS--
Christian Weiske, cweiske@php.net
PHP Testfest Berlin 2009-05-09
35 changes: 35 additions & 0 deletions ext/xsl/tests/bug64137.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
--TEST--
Request #64137 (XSLTProcessor::setParameter() should allow both quotes to be used)
--EXTENSIONS--
xsl
--FILE--
<?php

function test(string $input) {
$xml = new DOMDocument;
$xml->loadXML('<X/>');

$xsl = new DOMDocument;
$xsl->loadXML('<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"><xsl:output method="text"/><xsl:param name="foo"/><xsl:template match="/"><xsl:value-of select="$foo"/></xsl:template></xsl:stylesheet>');

$xslt = new XSLTProcessor;
$xslt->importStylesheet($xsl);
$xslt->setParameter('', 'foo', $input);

echo $xslt->transformToXml($xml), "\n";
}

test("");
test("a'");
test("a\"");
test("fo'o\"ba'r\"ba'z");
test("\"\"\"fo'o\"ba'r\"ba'z\"\"\"");
test("'''\"\"\"fo'o\"ba'r\"ba'z\"\"\"'''");

?>
--EXPECT--
a'
a"
fo'o"ba'r"ba'z
"""fo'o"ba'r"ba'z"""
'''"""fo'o"ba'r"ba'z"""'''
102 changes: 102 additions & 0 deletions ext/xsl/tests/setParameter_exceptions_test.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,102 @@
--TEST--
setParameter exceptions test
--EXTENSIONS--
xsl
--FILE--
<?php

function test(array $options) {
$xml = new DOMDocument;
$xml->loadXML('<X/>');

$xsl = new DOMDocument;
$xsl->loadXML('<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform"><xsl:output method="text"/><xsl:param name="foo"/><xsl:template match="/"><xsl:value-of select="$foo"/></xsl:template></xsl:stylesheet>');

$xslt = new XSLTProcessor;
$xslt->importStylesheet($xsl);
$xslt->setParameter('', $options);

echo $xslt->transformToXml($xml), "\n";
}

echo "--- Invalid key ---\n";

try {
test([
12345 => "foo"
]);
} catch (TypeError $e) {
echo $e->getMessage(), "\n";
}

echo "--- Valid key and value, but special cases ---\n";

test([
"foo" => null,
]);

test([
"foo" => true,
]);

echo "--- Exception from Stringable should abort execution ---\n";
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
echo "--- Exception from Stringable should abort execution ---\n";
echo "--- Exception from __toString should abort execution ---\n";

Might be clearer, as I was slightly confused just reading the output


class MyStringable {
public function __toString(): string {
throw new Exception("exception!");
}
}

try {
test([
"foo" => new MyStringable,
]);
} catch (Throwable $e) {
echo $e->getMessage(), "\n";
}

echo "--- Exception from warning should abort execution ---\n";

set_error_handler(function($errno, $errstr) {
throw new Exception($errstr);
}, E_WARNING);

try {
test([
"foo" => [],
"foo2" => [],
]);
} catch (Throwable $e) {
echo $e->getMessage(), "\n";
}

set_error_handler(null, E_WARNING);

echo "--- Warning may continue execution ---\n";

try {
test([
"foo" => [],
"foo2" => [],
]);
} catch (Throwable $e) {
echo $e->getMessage(), "\n";
}

?>
--EXPECTF--
--- Invalid key ---
XSLTProcessor::setParameter(): Argument #2 ($name) must contain only string keys
--- Valid key and value, but special cases ---

1
--- Exception from Stringable should abort execution ---
exception!
--- Exception from warning should abort execution ---
Array to string conversion
--- Warning may continue execution ---

Warning: Array to string conversion in %s on line %d

Warning: Array to string conversion in %s on line %d
Array
43 changes: 43 additions & 0 deletions ext/xsl/tests/setParameter_null_bytes.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
--TEST--
setParameter() with null bytes
--EXTENSIONS--
xsl
--FILE--
<?php

$xslt = new XSLTProcessor();

try {
$xslt->setParameter("", "foo\0", "bar");
} catch (ValueError $e) {
echo $e->getMessage(), "\n";
}

try {
$xslt->setParameter("", "foo", "bar\0");
} catch (ValueError $e) {
echo $e->getMessage(), "\n";
}

try {
$xslt->setParameter("", [
"foo\0" => "bar",
]);
} catch (ValueError $e) {
echo $e->getMessage(), "\n";
}

try {
$xslt->setParameter("", [
"foo" => "bar\0",
]);
} catch (ValueError $e) {
echo $e->getMessage(), "\n";
}

?>
--EXPECT--
XSLTProcessor::setParameter(): Argument #2 ($name) must not contain any null bytes
XSLTProcessor::setParameter(): Argument #3 ($value) must not contain any null bytes
XSLTProcessor::setParameter(): Argument #3 ($value) must not contain keys with any null bytes
XSLTProcessor::setParameter(): Argument #3 ($value) must not contain values with any null bytes
5 changes: 3 additions & 2 deletions ext/xsl/tests/xsltprocessor_setparameter-errorquote.phpt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,9 @@ $proc->importStylesheet($xsl);
$proc->setParameter('', '', '"\'');
$proc->transformToXml($dom);
?>
--EXPECTF--
Warning: XSLTProcessor::transformToXml(): Cannot create XPath expression (string contains both quote and double-quotes) in %s on line %d
Done
--EXPECT--
Done
--CREDITS--
Christian Weiske, cweiske@php.net
PHP Testfest Berlin 2009-05-09
Loading