include::../description.adoc[]

include::../ask-yourself.adoc[]

include::../recommended.adoc[]

== Sensitive Code Example

----
function evaluate_xpath($doc, $xpathstring, $xmlstring)
{
    $xpath = new DOMXpath($doc);
    $xpath->query($xpathstring); // Sensitive
    $xpath->evaluate($xpathstring); // Sensitive

    // There is no risk if the xpath is hardcoded
    $xpath->query("/users/user[@name='alice']"); // Ok
    $xpath->evaluate("/users/user[@name='alice']"); // Ok

    // An issue will also be created if the SimpleXMLElement is created
    // by simplexml_load_file, simplexml_load_string or simplexml_import_dom
    $xml = new SimpleXMLElement($doc);
    $xml->xpath($xpathstring); // Sensitive

    // There is no risk if the xpath is hardcoded
    $xml->xpath("/users/user[@name='alice']"); // Ok
}
----

include::../see.adoc[]