libxml_disable_entity_loader deprecated in PHP > 8.0

Question

libxml_disable_entity_loader deprecated in PHP > 8.0

cfl-wdmartin opened this issue 9 months ago · 1 comments

We just updated to PHP 8.3.4 from PHP 7.x, and I noticed Utils.php throwing deprecation errors on our dev server. Apparently libxml_disable_entity_loader() was deprecated in PHP 8.0 because external entity loading is disabled by default starting in that version. See the write-up on PHP Watch for details.

Obviously this won't cause problems if error reporting is turned off, as it should be on any production system. But if you have it on for development purposes, the deprecation notice mucks up the XML generated by metadata.php.

Checking the PHP version before running the command would fix this. Thus, in loadXML:

        if (\PHP_VERSION_ID < 80000) {
            $oldEntityLoader = libxml_disable_entity_loader(true);
        }

        $res = $dom->loadXML($xml);

        if (\PHP_VERSION_ID < 80000) {
            libxml_disable_entity_loader($oldEntityLoader);
        }

And later in validateXML:

        if (\PHP_VERSION_ID < 80000) {
            $oldEntityLoader = libxml_disable_entity_loader(false);
        }

        $res = $dom->schemaValidate($schemaFile);

        if (\PHP_VERSION_ID < 80000) {
            libxml_disable_entity_loader($oldEntityLoader);
        }

That should make it run smoothly in both 7.x and 8.x.

Is there a recommended branch for 8.x compatibility?

Answer 1 · 2024-03-28T21:36:01.000Z

Ugh, never mind. It looks like this issue was already addressed in the 4.x branch. And apparently cloning the master branch as a sub-module is not the best way to start integrating this library. Please disregard this bug report.