equal
deleted
inserted
replaced
720 */ |
720 */ |
721 public static function XML2array($XMLstring) { |
721 public static function XML2array($XMLstring) { |
722 if (function_exists('simplexml_load_string') && function_exists('libxml_disable_entity_loader')) { |
722 if (function_exists('simplexml_load_string') && function_exists('libxml_disable_entity_loader')) { |
723 // http://websec.io/2012/08/27/Preventing-XEE-in-PHP.html |
723 // http://websec.io/2012/08/27/Preventing-XEE-in-PHP.html |
724 // https://core.trac.wordpress.org/changeset/29378 |
724 // https://core.trac.wordpress.org/changeset/29378 |
725 $loader = libxml_disable_entity_loader(true); |
725 // This function has been deprecated in PHP 8.0 because in libxml 2.9.0, external entity loading is |
|
726 // disabled by default, but is still needed when LIBXML_NOENT is used. |
|
727 $loader = @libxml_disable_entity_loader(true); |
726 $XMLobject = simplexml_load_string($XMLstring, 'SimpleXMLElement', LIBXML_NOENT); |
728 $XMLobject = simplexml_load_string($XMLstring, 'SimpleXMLElement', LIBXML_NOENT); |
727 $return = self::SimpleXMLelement2array($XMLobject); |
729 $return = self::SimpleXMLelement2array($XMLobject); |
728 libxml_disable_entity_loader($loader); |
730 @libxml_disable_entity_loader($loader); |
729 return $return; |
731 return $return; |
730 } |
732 } |
731 return false; |
733 return false; |
732 } |
734 } |
733 |
735 |