$lXPathPassword = $Encoder->encodeForXPath($lPassword);
}else{
$lXPathUsername = $lUsername;
$lXPathPassword = $lPassword;
}// end if
if($lEncodeOutput){
$lHTMLUsername = $Encoder->encodeForHTML($lUsername);
}else{
$lHTMLUsername = $lUsername;
}// end if
$lXPathQueryString = "//Employee[UserName='******' and Password='******']";
$lXPathQueryString = str_replace("{USERNAME}", $lXPathUsername, $lXPathQueryString);
$lXPathQueryString = str_replace("{PASSWORD}", $lXPathPassword, $lXPathQueryString);
$lXMLQueryResults = $XMLHandler->ExecuteXPATHQuery($lXPathQueryString);
if($lEncodeOutput){
$lHTMLXPathQueryString = $Encoder->encodeForHTML($lXPathQueryString);
}else{
$lHTMLXPathQueryString = $lXPathQueryString;
}// end if
echo '<br />
<div class="report-header">
Results for <span ReflectedXSSExecutionPoint="1" style="color:#770000;">'
.$lHTMLUsername.
'</span></div>';
echo '<br /><span style="font-weight:bold;">Executed query:</span> ' . $lHTMLXPathQueryString . '<br /><br />';
if ($lXMLQueryResults){
