Encode special characters as XML entities

[krtcom]

Sending EPP request containing special characters like '&' causes errors. This should fix it by encoding special characters as XML entities. Is it OK?

[lifeofguenter]

This does not look right. Setting the value via ->nodeValue automatically takes care of htmlentities, see also: https://stackoverflow.com/a/17332805/567193

If that is not the case, then there is somewhere else a bug - can you please produce a (failing) test case to proof & show the fault?

[krtcom]

Yes, setting nodeValue on DOMText indeed takes care of xml entities but setting it on DOMElement (which are created in AbstractFrame) does convert only < and > characters. If value contains & it causes warning.

For example examples/update_contact.php

require '../vendor/autoload.php';

use AfriCC\EPP\Frame\Command\Update\Contact as UpdateContact;

$frame = new UpdateContact();
$frame->setId('C0054');
$frame->addOrganization('Father & Sons');

After running this I get this warning:

PHP Warning:  AfriCC\EPP\AbstractFrame::set(): unterminated entity reference Sons in php-epp2/src/AfriCC/EPP/AbstractFrame.php on line 62

Of course we could sanitize each value of every set/add/change call in entire application, but this looked like the easiest solution, since I am not aware of any side-effects of this method on the result.

Maybe just to be sure not to change the value too much it could be changed to
$this->nodes[$path]->nodeValue = str_replace("&", "&", $value);

What do you think?

[lifeofguenter]

sounds reasonable - I am dissecting this a bit - thanks for the contribution :) 👍