PHP高亮显示 XML 源代码
它将说明如何外部实体指向处理器来包含和解析其它文档,如何处理 pis,以及一种确定包含有 pis 的代码的可信度。
能被该范例使用的的 xml 文档(xmltest.xml 和 xmltest2.xml)被列在该范例之后。
外部实体范例
<?php
$file = "xmltest.xml";
function trustedfile($file) {
// only trust local files owned by ourselves
if (!eregi("^([a-z]+)://", $file)
&& fileowner($file) == getmyuid()) {
return true;
}
return false;
}
function startelement($parser, $name, $attribs) {
print "<<font color=\"#0000cc\">$name</font>";
if (sizeof($attribs)) {
while (list($k, $v) = each($attribs)) {
print " <font color=\"#009900\">$k</font>=\"<font
color=\"#990000\">$v</font>\"";
}
}
print ">";
}
function endelement($parser, $name) {
print "</<font color=\"#0000cc\">$name</font>>";
}
function characterdata($parser, $data) {
print "<b>$data</b>";
}
function pihandler($parser, $target, $data) {
switch (strtolower($target)) {
case "php\":
global $parser_file;
// if the parsed document is "trusted", we say it is safe
// to execute php code inside it. if not, display the code
// instead.
if (trustedfile($parser_file[$parser])) {
eval($data);
} else {
printf("untrusted php code: <i>%s</i>",
htmlspecialchars($data));
}
break;
}
}
function defaulthandler($parser, $data) {
if (substr($data, 0, 1) == "&" && substr($data, -1, 1) == ";") {
printf('<font color="#aa00aa">%s</font>',
htmlspecialchars($data));
} else {
printf('<font size="-1">%s</font>',
htmlspecialchars($data));
}
}
function externalentityrefhandler($parser, $openentitynames, $base, $systemid,
$publicid) {
if ($systemid) {
if (!list($parser, $fp) = new_xml_parser($systemid)) {
printf("could not open entity %s at %s\n", $openentitynames,
$systemid);
return false;
}
while ($data = fread($fp, 4096)) {
if (!xml_parse($parser, $data, feof($fp))) {
printf("xml error: %s at line %d while parsing entity %s\n",
xml_error_string(xml_get_error_code($parser)),
xml_get_current_line_number($parser), $openentitynames);
xml_parser_free($parser);
return false;
}
}
xml_parser_free($parser);
return true;
}
return false;
}
function new_xml_parser($file) {
global $parser_file;
$xml_parser = xml_parser_create();
xml_parser_set_option($xml_parser, xml_option_case_folding, 1);
xml_set_element_handler($xml_parser, "startelement", "endelement");
xml_set_character_data_handler($xml_parser, "characterdata");
xml_set_processing_instruction_handler($xml_parser, "pihandler");
xml_set_default_handler($xml_parser, "defaulthandler");
xml_set_external_entity_ref_handler($xml_parser, "externalentityrefhandler");
if (!($fp = @fopen($file, "r"))) {
return false;
}
if (!is_array($parser_file)) {
settype($parser_file, "array");
}
$parser_file[$xml_parser] = $file;
return array($xml_parser, $fp);
}
if (!(list($xml_parser, $fp) = new_xml_parser($file))) {
die("could not open xml input");
}
print "<pre>";
while ($data = fread($fp, 4096)) {
if (!xml_parse($xml_parser, $data, feof($fp))) {
die(sprintf("xml error: %s at line %d\n",
xml_error_string(xml_get_error_code($xml_parser)),
xml_get_current_line_number($xml_parser)));
}
}
print "</pre>";
print "parse complete\n";
xml_parser_free($xml_parser);
?>
<?xml version='1.0'?>
<!doctype chapter system "/just/a/test.dtd" [
<!entity plainentity "foo entity">
<!entity systementity system "xmltest2.xml">
]>
<chapter>
<title>title &plainentity;</title>
<para>
<informaltable>
<tgroup cols="3">
<tbody>
<row><entry>a1</entry><entry morerows="1">b1</entry><entry>c1</entry></row>
<row><entry>a2</entry><entry>c2</entry></row>
<row><entry>a3</entry><entry>b3</entry><entry>c3</entry></row>
</tbody>
</tgroup>
</informaltable>
</para>
&systementity;
<section id="about">
<title>about this document</title>
<para>
<!-- this is a comment -->
<?php print 'hi! this is php version '.phpversion(); ?>
</para>
</section>
</chapter>
以下文档将被 xmltest.xml 文件调用: xmltest2.xml
<?xml version="1.0"?>
<!doctype foo [
<!entity testent "test entity">
]>
<foo>
<element attrib="value"/>
&testent;
<?php print "this is some more php code being executed."; ?>
</foo>
制作:罗可龙 电邮:luokelong(at)it168.com