xlxd/dashboard/pgs/class.parsexml.php

<?php

class ParseXML {

   public function __construct() {
      return true;
   }

   public function GetElement($InputString, $ElementName) {
    // Sanitize element name to prevent XML injection
    $ElementName = preg_replace('/[^a-zA-Z0-9_\-\s]/', '', $ElementName);
    
    if (strpos($InputString, "<".$ElementName.">") === false) return false;
    if (strpos($InputString, "</".$ElementName.">") === false) return false;

    $Element = substr($InputString, strpos($InputString, "<".$ElementName.">")+strlen($ElementName)+2, strpos($InputString, "</".$ElementName.">")-strpos($InputString, "<".$ElementName.">")-strlen($ElementName)-2);
    
    // Strip any remaining HTML/XML tags from the content
    return strip_tags($Element);
   }

   public function GetAllElements($InputString, $ElementName) {
    // Sanitize element name to prevent XML injection
    $ElementName = preg_replace('/[^a-zA-Z0-9_\-\s]/', '', $ElementName);
    
    $Elements = array();
    while (strpos($InputString, $ElementName) !== false) {
        $element = $this->GetElement($InputString, $ElementName);
        if ($element !== false) {
            $Elements[] = $element;
        }
        $InputString = substr($InputString, strpos($InputString, "</".$ElementName.">")+strlen($ElementName)+3, strlen($InputString));
    }
    return $Elements;
   }

}

?>
added dashboard Added PHP code for web dashboard 2016-01-01 13:42:52 +01:00			`<?php`

			`class ParseXML {`
version 1.4.1 2017-01-24 08:45:11 +01:00
added dashboard Added PHP code for web dashboard 2016-01-01 13:42:52 +01:00			`public function __construct() {`
version 1.4.1 2017-01-24 08:45:11 +01:00			`return true;`
added dashboard Added PHP code for web dashboard 2016-01-01 13:42:52 +01:00			`}`
version 1.4.1 2017-01-24 08:45:11 +01:00
added dashboard Added PHP code for web dashboard 2016-01-01 13:42:52 +01:00			`public function GetElement($InputString, $ElementName) {`
XSS Vulnerability Patches and Security Enhancements for Dashboard1 2025-10-14 15:15:20 +02:00			`// Sanitize element name to prevent XML injection`
			`$ElementName = preg_replace('/[^a-zA-Z0-9_\-\s]/', '', $ElementName);`

			`if (strpos($InputString, "<".$ElementName.">") === false) return false;`
			`if (strpos($InputString, "</".$ElementName.">") === false) return false;`

			`$Element = substr($InputString, strpos($InputString, "<".$ElementName.">")+strlen($ElementName)+2, strpos($InputString, "</".$ElementName.">")-strpos($InputString, "<".$ElementName.">")-strlen($ElementName)-2);`

			`// Strip any remaining HTML/XML tags from the content`
			`return strip_tags($Element);`
added dashboard Added PHP code for web dashboard 2016-01-01 13:42:52 +01:00			`}`
version 1.4.1 2017-01-24 08:45:11 +01:00
added dashboard Added PHP code for web dashboard 2016-01-01 13:42:52 +01:00			`public function GetAllElements($InputString, $ElementName) {`
XSS Vulnerability Patches and Security Enhancements for Dashboard1 2025-10-14 15:15:20 +02:00			`// Sanitize element name to prevent XML injection`
			`$ElementName = preg_replace('/[^a-zA-Z0-9_\-\s]/', '', $ElementName);`

			`$Elements = array();`
			`while (strpos($InputString, $ElementName) !== false) {`
			`$element = $this->GetElement($InputString, $ElementName);`
			`if ($element !== false) {`
			`$Elements[] = $element;`
			`}`
			`$InputString = substr($InputString, strpos($InputString, "</".$ElementName.">")+strlen($ElementName)+3, strlen($InputString));`
			`}`
			`return $Elements;`
added dashboard Added PHP code for web dashboard 2016-01-01 13:42:52 +01:00			`}`

version 1.4.1 2017-01-24 08:45:11 +01:00			`}`
added dashboard Added PHP code for web dashboard 2016-01-01 13:42:52 +01:00
version 1.4.1 2017-01-24 08:45:11 +01:00			`?>`