Edit report at http://bugs.php.net/bug.php?id=51785&edit=1
ID: 51785 Updated by: m...@php.net Reported by: pecoes at gmail dot com Summary: No way to escape quotes for XPath -Status: Open +Status: Assigned Type: Bug Package: *XML functions Operating System: WinXP PHP Version: 5.3.2 -Assigned To: +Assigned To: rrichards Previous Comments: ------------------------------------------------------------------------ [2010-05-10 18:43:43] pecoes at gmail dot com Description: ------------ There seems to be no way to escape single or double quotes for XPath-Queries. given: <test>"</test> /test[text()="\""] produces an error message /test[text()="\\""] dito /test[text()="""] finds no match This is not a PHP-Bug, I suppose. It may be a bug in the libxml2. It might even be a bug in the XPath Spec itself. But regardless of where the blame lies: This is serious! How is one supposed to use user-input in an XPath, if it cannot be escaped? I found a work-around, but it's fugly: $dom = new DOMDocument; $dom->loadXML('<test>"</test>'); $xpath = new DOMXPath($dom); function xquote ($str) { if (strpos($str, '"') === FALSE) { return '"'.$str.'"'; } if (strpos($str, "'") === FALSE) { return "'".$str."'"; } $parts = preg_split('/(")/', $str, 0, PREG_SPLIT_DELIM_CAPTURE|PREG_SPLIT_NO_EMPTY); array_walk($parts, function (&$val) { if ($val == '"') $val = "'\"'"; else $val = '"'.$val.'"'; } ); return 'concat('.implode(',', $parts).')'; } $q = sprintf('/test[text()=%s]', xquote('"')); if ($xpath->evaluate($q)->item(0)) { echo 'found'; // works! } else { echo 'not found'; } Test script: --------------- $dom = new DOMDocument; $dom->loadXML('<test>"</test>'); $xpath = new DOMXPath($dom); $q = '/test[text()="""]'; if ($xpath->evaluate($q)->item(0)) { echo "found\r\n"; } else { echo "not found\r\n"; } $q = '/test[text()="\\""]'; if ($xpath->evaluate($q)->item(0)) { echo "found\r\n"; } else { echo "not found\r\n"; } Expected result: ---------------- found found Actual result: -------------- not found Warning: DOMXPath::evaluate(): Invalid predicate... Warning: DOMXPath::evaluate(): Invalid expression... Fatal error: Call to a member function item() on non-object... ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/bug.php?id=51785&edit=1