我试图用XPath解析XML,但是我无法获取数据,请帮助我使用Pseudocode,需要在PHP中使用XPath打印数据,我是&m; m无法理解如何打印每个标签。在PHP中需要一些关于这个XPath的建议。
<?xml version="1.0" encoding="utf-8"?>
<Report>
<section index="2.2" title="Users With A Weak Authentication Password" ref="AUTHENTICATION.USERS.WEAKPASSWORD">
<issuedetails>
<devices>
<device name="AD-FIN-2" type="Cisco Catalyst Switch" osversion="15.0" />
</devices>
<ratings type="Nipperv1">
<rating>High</rating>
<impact>Critical</impact>
<ease>Moderate</ease>
<fix>Quick</fix>
</ratings>
</issuedetails>
<section index="2.2.1" title="Finding" ref="FINDING">
<text>Access to restricted network user and administration services are typically secured using username and password authentication credentials. The strength of the authentication credentials is even more important if the service allows for devices to be reconfigured or it allows access to potentially sensitive information.</text>
<text>DWS identified two user accounts with a weak password on AD-FIN-2. These are listed in Table <linktotable ref="AUTHENTICATION.USERS.WEAKPASSWORD.1">8</linktotable> and includes administrative access to the device.</text>
<table index="8" title="Users on AD-FIN-2 with a weak password" ref="AUTHENTICATION.USERS.WEAKPASSWORD.1">
<headings>
<heading>User</heading>
<heading>Password</heading>
<heading>Privilege</heading>
<heading>Weakness</heading>
</headings>
<tablebody>
<tablerow>
<tablecell><item>enable (password)</item></tablecell>
<tablecell><item>R@j!magic</item></tablecell>
<tablecell><item>15</item></tablecell>
<tablecell><item>No numbers</item></tablecell>
</tablerow>
<tablerow>
<tablecell><item>admin</item></tablecell>
<tablecell><item>R@j!magic</item></tablecell>
<tablecell><item>1</item></tablecell>
<tablecell><item>No numbers</item></tablecell>
</tablerow>
</tablebody>
</table>
</section>
<index="2.2.2" title="Impact" ref="IMPACT">
<text>A malicious user, or remote attacker, who is able to connect to an administrative service will be able to authenticate to the device without using a password. The attacker will then be able to perform administrative and user level tasks. This could include re-configuring the device, extracting potentially sensitive information and disabling the device. Once an attacker has obtained the configuration from the device they may be able to identify authentication credentials that could then be used to gain access to other network devices.</text>
</section>
<section index="2.2.3" title="Ease" ref="EASE">
<text>Password brute-forcing tools and techniques have been widely documented on the Internet and published media. Although there are a number of different tools available, brute-forcing authentication credentials can be problematic.</text>
<list type="numbererd">
<listitem>Account lockout facilities can quickly prevent access to the account.</listitem>
<listitem>Device protection mechanisms may slow or disconnect connections where multiple authentication attempts are made in a short period of time.</listitem>
<listitem>Brute-forcing can be very time consuming, especially if the password is long or made up of various character types.</listitem>
<listitem>Network administrators may be alerted to locked out accounts or authentication attempts.</listitem>
</list>
</section>
<section index="2.2.4" title="Recommendation" ref="RECOMMENDATION">
<text>DWS strongly recommends that all authentication credentials should be configured with a strong password.</text>
<text>DWS recommends that:</text>
<list type="bullet">
<listitem>passwords should be at least eight characters in length;</listitem>
<listitem>characters in the password should not be repeated more than five times;</listitem>
<listitem>passwords should include both upper case and lower case characters;</listitem>
<listitem>passwords should include numbers;</listitem>
<listitem>passwords should include punctuation characters;</listitem>
<listitem>passwords should not include the username;</listitem>
<listitem>passwords should not include a device's name, make or model;</listitem>
<listitem>passwords should not be based on dictionary words.</listitem>
</list>
<text>Notes for Cisco Catalyst Switch devices:</text>
<text>The following commands can be used on Cisco Catalyst Switch devices to set the enable password, create a local user with a password and to delete a local user:<code><command>enable secret <cmduser>password</cmduser></command>
<command>username <cmduser>user</cmduser> secret <cmduser>password</cmduser></command>
<command>no username <cmduser>user</cmduser></command>
</code></text>
</section>
</section>
</Report>
MyCode:这是我用来解析XML的代码,但是我无法打印出数据或数组?请帮助我解决问题。
$xmlContent = file_get_contents('toshibaconfig2.xml');
$dom = new DOMDocument("1.0", "UTF-8");
$dom->preserveWhiteSpace = false;
$dom->loadXml($xmlContent);
$xpath = new DOMXPath($dom);
//
// Add namespaces automatically
//
// Fetch the namespaces, add a few lines to register these back with the document
// so that you can use them in XPath expressions...
foreach ($xpath->query('namespace::*', $dom->documentElement) as $node) {
//echo $node-> . '=' . $node->nodeValue, "\n";
$xpath->registerNamespace($node->localName, $node->nodeValue);
}
// Root node
$rootNode = $xpath->query('/report');
// Finding data
$Intro = $xpath->query('section/issuedetails/text', $rootNode)->item(0)->nodeValue;
$table = $xpath->query('table/headings/tablebody', $rootNode)->item(0)->nodeValue;
$list = $xpath->query('text/list/listitem', $rootNode)->item(0)->nodeValue;
// code data
$itemList = array();
$codedata = $xpath->query('command/cmduser/cmduser', $rootNode);
// Then loop over the items...
/** @var DOMNode $invoiceItemNode */
foreach ($codedata as $codedt) {
$row = [];
/** @var DOMNode $field */
foreach ($codedt->childNodes as $field) {
$row[$field->tagName] = $field->nodeValue;
}
$itemList[] = $row;
}
print_r($itemList);
答案 0 :(得分:0)
您已经要求/report,但您的XML的根元素称为<Report>。 XML区分大小写。