如何在 PHP 中使用 XPath 解析这个 XML

【问题标题】:How to parse this XML using XPath in Php如何在 PHP 中使用 XPath 解析这个 XML
【发布时间】:2018-06-19 06:26:07
【问题描述】:

我正在尝试使用 XPath 解析 XML,但无法获取数据,请帮助我使用伪代码,需要在 PHP 中使用 XPath 打印数据,我无法理解如何打印每个标签。需要一些关于 PHP 中的 XPath 的建议。

        <?xml version="1.0" encoding="utf-8"?>    
                     <Report>
                     <section index="2.2" title="Users With A Weak Authentication Password" ref="AUTHENTICATION.USERS.WEAKPASSWORD">
        <issuedetails>
          <devices>
            <device name="AD-FIN-2" type="Cisco Catalyst Switch" osversion="15.0" />
          </devices>
          <ratings type="Nipperv1">
            <rating>High</rating>
            <impact>Critical</impact>
            <ease>Moderate</ease>
            <fix>Quick</fix>
          </ratings>
        </issuedetails>
        <section index="2.2.1" title="Finding" ref="FINDING">
          <text>Access to restricted network user and administration services are typically secured using username and password authentication credentials. The strength of the authentication credentials is even more important if the service allows for devices to be reconfigured or it allows access to potentially sensitive information.</text>
          <text>DWS identified two user accounts with a weak password on AD-FIN-2. These are listed in Table <linktotable ref="AUTHENTICATION.USERS.WEAKPASSWORD.1">8</linktotable> and includes administrative access to the device.</text>
          <table index="8" title="Users on AD-FIN-2 with a weak password" ref="AUTHENTICATION.USERS.WEAKPASSWORD.1">
            <headings>
              <heading>User</heading>
              <heading>Password</heading>
              <heading>Privilege</heading>
              <heading>Weakness</heading>
            </headings>
            <tablebody>
              <tablerow>
                <tablecell><item>enable (password)</item></tablecell>
                <tablecell><item>R@j!magic</item></tablecell>
                <tablecell><item>15</item></tablecell>
                <tablecell><item>No numbers</item></tablecell>
              </tablerow>
              <tablerow>
                <tablecell><item>admin</item></tablecell>
                <tablecell><item>R@j!magic</item></tablecell>
                <tablecell><item>1</item></tablecell>
                <tablecell><item>No numbers</item></tablecell>
              </tablerow>
            </tablebody>
          </table>
        </section>
        <index="2.2.2" title="Impact" ref="IMPACT">
          <text>A malicious user, or remote attacker, who is able to connect to an administrative service will be able to authenticate to the device without using a password. The attacker will then be able to perform administrative and user level tasks. This could include re-configuring the device, extracting potentially sensitive information and disabling the device. Once an attacker has obtained the configuration from the device they may be able to identify authentication credentials that could then be used to gain access to other network devices.</text>
        </section>
        <section index="2.2.3" title="Ease" ref="EASE">
          <text>Password brute-forcing tools and techniques have been widely documented on the Internet and published media. Although there are a number of different tools available, brute-forcing authentication credentials can be problematic.</text>
          <list type="numbererd">
            <listitem>Account lockout facilities can quickly prevent access to the account.</listitem>
            <listitem>Device protection mechanisms may slow or disconnect connections where multiple authentication attempts are made in a short period of time.</listitem>
            <listitem>Brute-forcing can be very time consuming, especially if the password is long or made up of various character types.</listitem>
            <listitem>Network administrators may be alerted to locked out accounts or authentication attempts.</listitem>
          </list>
        </section>
        <section index="2.2.4" title="Recommendation" ref="RECOMMENDATION">
          <text>DWS strongly recommends that all authentication credentials should be configured with a strong password.</text>
          <text>DWS recommends that:</text>
          <list type="bullet">
            <listitem>passwords should be at least eight characters in length;</listitem>
            <listitem>characters in the password should not be repeated more than five times;</listitem>
            <listitem>passwords should include both upper case and lower case characters;</listitem>
            <listitem>passwords should include numbers;</listitem>
            <listitem>passwords should include punctuation characters;</listitem>
            <listitem>passwords should not include the username;</listitem>
            <listitem>passwords should not include a device's name, make or model;</listitem>
            <listitem>passwords should not be based on dictionary words.</listitem>
          </list>
          <text>Notes for Cisco Catalyst Switch devices:</text>
          <text>The following commands can be used on Cisco Catalyst Switch devices to set the enable password, create a local user with a password and to delete a local user:<code><command>enable secret <cmduser>password</cmduser></command>
<command>username <cmduser>user</cmduser> secret <cmduser>password</cmduser></command>
<command>no username <cmduser>user</cmduser></command>
</code></text>
        </section>
      </section>
          </Report>

MyCode:这是我用来解析 XML 的代码,但我无法打印数据或数组?请帮助我解决问题。

$xmlContent = file_get_contents('toshibaconfig2.xml');
$dom = new DOMDocument("1.0", "UTF-8");
$dom->preserveWhiteSpace = false;

$dom->loadXml($xmlContent);

$xpath = new DOMXPath($dom);

//
// Add namespaces automatically
//
// Fetch the namespaces, add a few lines to register these back with the document
// so that you can use them in XPath expressions...
foreach ($xpath->query('namespace::*', $dom->documentElement) as $node) {
    //echo $node-> . '=' . $node->nodeValue, "\n";
    $xpath->registerNamespace($node->localName, $node->nodeValue);
}


// Root node
$rootNode = $xpath->query('/report');

// Finding data
$Intro = $xpath->query('section/issuedetails/text', $rootNode)->item(0)->nodeValue;
$table = $xpath->query('table/headings/tablebody', $rootNode)->item(0)->nodeValue;
$list = $xpath->query('text/list/listitem', $rootNode)->item(0)->nodeValue;

// code data
$itemList = array();
$codedata = $xpath->query('command/cmduser/cmduser', $rootNode);

// Then loop over the items...

/** @var DOMNode $invoiceItemNode */
foreach ($codedata as $codedt) {
    $row = [];

    /** @var DOMNode $field */
    foreach ($codedt->childNodes as $field) {
        $row[$field->tagName] = $field->nodeValue;
    }
    $itemList[] = $row;
}

print_r($itemList);

【问题讨论】:

  • 很好,顺便问一下,最终输出应该是什么?那里有很多节点,你需要对你想要实现的目标有点具体
  • 我需要 ... 中的所有节点,具体顺序为 [Finding],[Ease],[impact],[Recommendation],[tablerow][tablebody ],[标题],[命令],[cmduser]。
  • 查看您拥有的 xml,您可能有一个错字 &lt;index="2.2.2" title="Impact" ref="IMPACT"&gt;,并且代码中的 xml 中没有 issuedetails
  • 请再次检查 XML 我已粘贴正确的 XML @Ghost
  • 因为你的数组结构不清楚,有一个简单的单行可以使用print_r(json_decode(json_encode((array) simplexml_load_string($xmlContent)),1);)

标签: php xml parsing xpath


【解决方案1】:

您请求了/report,但您的XML 的根元素称为&lt;Report&gt;。 XML 区分大小写。

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2011-01-23
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode