Index: tests/Zend/XmlRpc/ValueTest.php =================================================================== --- tests/Zend/XmlRpc/ValueTest.php (revision 17681) +++ tests/Zend/XmlRpc/ValueTest.php (working copy) @@ -327,6 +327,17 @@ $this->assertEquals($this->wrapXml($xml), $val->saveXML()); } + public function testMarshallStructFromXmlRpcWithEntities() + { + $native = array(' ' => 0); + $xml = ' 0' + . ''; + $val = Zend_XmlRpc_Value::getXmlRpcValue($xml, Zend_XmlRpc_Value::XML_STRING); + $this->assertXmlRpcType('struct', $val); + $this->assertSame($native, $val->getValue()); + $this->assertSame($this->wrapXml($xml), $val->saveXML()); + } + /** * @group ZF-3947 */ Index: library/Zend/XmlRpc/Value.php =================================================================== --- library/Zend/XmlRpc/Value.php (revision 17681) +++ library/Zend/XmlRpc/Value.php (working copy) @@ -397,6 +397,28 @@ $this->_as_xml = $xml; } + + /** + * Make sure a string will be safe for XML, convert risky characters to entities + * + * @param string $str + * @return string + */ + protected function _escapeXmlEntities($str) + { + return htmlspecialchars($str, ENT_QUOTES, 'UTF-8'); + } + + /** + * Convert XML entities into string values + * + * @param string $str + * @return string + */ + protected function _decodeXmlEntities($str) + { + return html_entity_decode($str, ENT_QUOTES, 'UTF-8'); + } } Index: library/Zend/XmlRpc/Value/Struct.php =================================================================== --- library/Zend/XmlRpc/Value/Struct.php (revision 17681) +++ library/Zend/XmlRpc/Value/Struct.php (working copy) @@ -64,7 +64,7 @@ foreach ($this->_value as $name => $val) { /* @var $val Zend_XmlRpc_Value */ $member = $struct->appendChild($dom->createElement('member')); - $member->appendChild($dom->createElement('name', $name)); + $member->appendChild($dom->createElement('name', $this->_escapeXmlEntities($name))); $member->appendChild($dom->importNode($val->getAsDOM(), 1)); } } Index: library/Zend/XmlRpc/Value/String.php =================================================================== --- library/Zend/XmlRpc/Value/String.php (revision 17681) +++ library/Zend/XmlRpc/Value/String.php (working copy) @@ -45,7 +45,7 @@ $this->_type = self::XMLRPC_TYPE_STRING; // Make sure this value is string and all XML characters are encoded - $this->_value = $this->_xml_entities($value); + $this->_value = $this->_escapeXmlEntities($value); } /** @@ -56,19 +56,7 @@ */ public function getValue() { - return html_entity_decode($this->_value, ENT_QUOTES, 'UTF-8'); + return $this->_decodeXmlEntities($this->_value); } - - /** - * Make sure a string will be safe for XML, convert risky characters to HTML entities - * - * @param string $str - * @return string - */ - private function _xml_entities($str) - { - return htmlentities($str, ENT_QUOTES, 'UTF-8'); - } - }