$lXPathPassword = $Encoder->encodeForXPath($lPassword); }else{ $lXPathUsername = $lUsername; $lXPathPassword = $lPassword; }// end if if($lEncodeOutput){ $lHTMLUsername = $Encoder->encodeForHTML($lUsername); }else{ $lHTMLUsername = $lUsername; }// end if $lXPathQueryString = "//Employee[UserName='******' and Password='******']"; $lXPathQueryString = str_replace("{USERNAME}", $lXPathUsername, $lXPathQueryString); $lXPathQueryString = str_replace("{PASSWORD}", $lXPathPassword, $lXPathQueryString); $lXMLQueryResults = $XMLHandler->ExecuteXPATHQuery($lXPathQueryString); if($lEncodeOutput){ $lHTMLXPathQueryString = $Encoder->encodeForHTML($lXPathQueryString); }else{ $lHTMLXPathQueryString = $lXPathQueryString; }// end if echo '<br /> <div class="report-header"> Results for <span ReflectedXSSExecutionPoint="1" style="color:#770000;">' .$lHTMLUsername. '</span></div>'; echo '<br /><span style="font-weight:bold;">Executed query:</span> ' . $lHTMLXPathQueryString . '<br /><br />'; if ($lXMLQueryResults){