Applying fix for ZF-7639: "Zend_XmlRpc_Value* doesn't handle special chars correctly"

git-svn-id: http://framework.zend.com/svn/framework/standard/trunk@17751 44c647ce-9c0f-0410-b52a-842ac1e357ba

library/Zend/XmlRpc/Value.php

@@ -397,6 +397,28 @@ abstract class Zend_XmlRpc_Value
         $this->_as_xml = $xml;
     }
 
+
+    /**
+     * Make sure a string will be safe for XML, convert risky characters to entities
+     *
+     * @param string $str
+     * @return string
+     */
+    protected function _escapeXmlEntities($str)
+    {
+        return htmlspecialchars($str, ENT_QUOTES, 'UTF-8');
+    }
+
+    /**
+     * Convert XML entities into string values
+     *
+     * @param string $str
+     * @return string
+     */
+    protected function _decodeXmlEntities($str)
+    {
+        return html_entity_decode($str, ENT_QUOTES, 'UTF-8');
+    }
 }
 
 

library/Zend/XmlRpc/Value/String.php

@@ -45,7 +45,7 @@ class Zend_XmlRpc_Value_String extends Zend_XmlRpc_Value_Scalar
         $this->_type = self::XMLRPC_TYPE_STRING;
 
         // Make sure this value is string and all XML characters are encoded
-        $this->_value = $this->_xml_entities($value);
+        $this->_value = $this->_escapeXmlEntities($value);
     }
 
     /**
@@ -56,19 +56,7 @@ class Zend_XmlRpc_Value_String extends Zend_XmlRpc_Value_Scalar
      */
     public function getValue()
     {
-        return html_entity_decode($this->_value, ENT_QUOTES, 'UTF-8');
+        return $this->_decodeXmlEntities($this->_value);
     }
-
-    /**
-     * Make sure a string will be safe for XML, convert risky characters to HTML entities
-     *
-     * @param string $str
-     * @return string
-     */
-    private function _xml_entities($str)
-    {
-        return htmlentities($str, ENT_QUOTES, 'UTF-8');
-    }
-
 }
 

library/Zend/XmlRpc/Value/Struct.php

@@ -64,7 +64,7 @@ class Zend_XmlRpc_Value_Struct extends Zend_XmlRpc_Value_Collection
                 foreach ($this->_value as $name => $val) {
                     /* @var $val Zend_XmlRpc_Value */
                     $member = $struct->appendChild($dom->createElement('member'));
-                    $member->appendChild($dom->createElement('name', $name));
+                    $member->appendChild($dom->createElement('name', $this->_escapeXmlEntities($name)));
                     $member->appendChild($dom->importNode($val->getAsDOM(), 1));
                 }
             }

tests/Zend/XmlRpc/ValueTest.php

@@ -328,6 +328,20 @@ class Zend_XmlRpc_ValueTest extends PHPUnit_Framework_TestCase
     }
 
     /**
+     * @group ZF-7639
+     */
+    public function testMarshalStructFromXmlRpcWithEntities()
+    {
+        $native = array(' ' => 0);
+        $xml = '<value><struct><member><name>&amp;nbsp;</name><value><int>0</int>'
+             . '</value></member></struct></value>';
+        $val = Zend_XmlRpc_Value::getXmlRpcValue($xml, Zend_XmlRpc_Value::XML_STRING);
+        $this->assertXmlRpcType('struct', $val);
+        $this->assertSame($native, $val->getValue());
+        $this->assertSame($this->wrapXml($xml), $val->saveXML());
+    }
+
+    /**
      * @group ZF-3947
      */
     public function testMarshallingStructsWithEmptyValueFromXmlRpcShouldRetainKeys()