
Need help removing multiple nodes in XML



Posted (edited)

I've been stuck for 3-4 days now trying every possible method I can think of. I figured it's time that I better ask for help on this or risk losing my sanity.

I tried for a day or so with the XML UDF (version 1.1.1.13) and was not able to remove multiple nodes or even a single node. I tried all delete node examples. I spent another day or so with StringReplace/StringRegExpReplace/StringBetween examples and had no luck, likely due to the multiple line breaks.

I would be thankful for either a proper XML method of removing all matching nodes in the XML file or possibly even a StringReplace/StringRegExpReplace/StringBetween method. Whatever gets the job done is fine and preferably the quickest method. Each example file that I have to make an automated process for generally has 3,000 - 5,000 or more of these nodes.

Example:

<Events>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
	<System>
		<Provider Name="Microsoft-Windows-Kernel-General" Guid="{a68ca8b7-004f-d7b6-a698-07e2de0f1f5d}" />
		<EventID>14</EventID>
		<Version>0</Version>
		<Level>2</Level>
		<Task>0</Task>
		<Opcode>0</Opcode>
		<Keywords>0x20</Keywords>
		<TimeCreated SystemTime="2024-12-21T06:15:52.738555100-05:00" />
		<Correlation ActivityID="{00000000-0000-0000-0000-000000000000}" />
		<Execution ProcessID="12512" ThreadID="14168" ProcessorID="0" KernelTime="0" UserTime="0" />
		<Channel />
		<Computer />
	</System>
	<EventData>
		<Data Name="Mode">Permissive</Data>
		<Data Name="ObjectType">Key</Data>
		<Data Name="ObjectName">\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options</Data>
		<Data Name="ProcessName">\Device\HarddiskVolume3\Windows\System32\notepad.exe</Data>
		<Data Name="ObjectCreatorProcessName"></Data>
		<Data Name="AccessMask">0x9</Data>
		<Data Name="TokenType">       1</Data>
		<Data Name="ImpersonationLevel">       0</Data>
		<Data Name="SessionId">       1</Data>
		<Data Name="LowBoxNumber">      18</Data>
		<Data Name="TokenGroupsCount">       1</Data>
		<ComplexData Name="TokenGroups">
			<Data Name="GroupAttributes">0x0</Data>
			<Data Name="GroupSid">S-1-5-21-2132944913-3894426601-2088357866-1000</Data>
		</ComplexData>
		<Data Name="TokenPackageCount">       1</Data>
		<ComplexData Name="TokenPackage">
			<Data Name="PackageSid">S-1-15-2-3573185071-1305232710-3586399557-853445500-2893132591-3326066854-537196996</Data>
		</ComplexData>
		<Data Name="TokenCapabilityCount">       1</Data>
		<ComplexData Name="TokenCapabilities">
			<Data Name="CapabilityAttributes">0x4</Data>
			<Data Name="CapabilitySid">S-1-15-3-1024-3247294477-1055689029-3368529789-3941363664-2797964971-2286479452-540989846-2924655214</Data>
		</ComplexData>
		<Data Name="TokenTrustLevelCount">       0</Data>
		<ComplexData Name="TokenTrustLevel">
		</ComplexData>
		<Data Name="SecurityDescriptorRevision">1</Data>
		<Data Name="SecurityDescriptorControl">0x9C14</Data>
		<Data Name="SecurityDescriptorOwner">S-1-5-18</Data>
		<Data Name="SecurityDescriptorGroup">S-1-5-18</Data>
		<Data Name="DaclRevision">2</Data>
		<Data Name="DaclAceCount">12</Data>
		<ComplexData Name="DaclAce">
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x0</Data>
			<Data Name="AccessMask">0x20019</Data>
			<Data Name="Sid">S-1-5-32-545</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0xA</Data>
			<Data Name="AccessMask">0x80000000</Data>
			<Data Name="Sid">S-1-5-32-545</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x0</Data>
			<Data Name="AccessMask">0xF003F</Data>
			<Data Name="Sid">S-1-5-32-544</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0xA</Data>
			<Data Name="AccessMask">0x10000000</Data>
			<Data Name="Sid">S-1-5-32-544</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x0</Data>
			<Data Name="AccessMask">0xF003F</Data>
			<Data Name="Sid">S-1-5-18</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0xA</Data>
			<Data Name="AccessMask">0x10000000</Data>
			<Data Name="Sid">S-1-5-18</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x0</Data>
			<Data Name="AccessMask">0xF003F</Data>
			<Data Name="Sid">S-1-5-18</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0xA</Data>
			<Data Name="AccessMask">0x10000000</Data>
			<Data Name="Sid">S-1-3-0</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x0</Data>
			<Data Name="AccessMask">0x20019</Data>
			<Data Name="Sid">S-1-15-2-1</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0xA</Data>
			<Data Name="AccessMask">0x80000000</Data>
			<Data Name="Sid">S-1-15-2-1</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x0</Data>
			<Data Name="AccessMask">0x20019</Data>
			<Data Name="Sid">redacted</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0xA</Data>
			<Data Name="AccessMask">0x80000000</Data>
			<Data Name="Sid">redacted</Data>
		</ComplexData>
		<Data Name="SaclRevision">0</Data>
		<Data Name="SaclAceCount">0</Data>
		<ComplexData Name="SaclAce">
		</ComplexData>
	</EventData>
	<RenderingInfo Culture="en-US">
		<Level>Error </Level>
		<Keywords>
			<Keyword>KERNEL_GENERAL_SECURITY_ACCESSCHECK</Keyword>
		</Keywords>
		<Provider>Microsoft-Windows-Kernel-General </Provider>
	</RenderingInfo>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
	<System>
		<Provider Name="Microsoft-Windows-Kernel-General" Guid="{a68ca8b7-004f-d7b6-a698-07e2de0f1f5d}" />
		<EventID>14</EventID>
		<Version>0</Version>
		<Level>2</Level>
		<Task>0</Task>
		<Opcode>0</Opcode>
		<Keywords>0x20</Keywords>
		<TimeCreated SystemTime="2024-12-21T06:15:52.738569200-05:00" />
		<Correlation ActivityID="{00000000-0000-0000-0000-000000000000}" />
		<Execution ProcessID="12512" ThreadID="14168" ProcessorID="0" KernelTime="0" UserTime="0" />
		<Channel />
		<Computer />
	</System>
	<EventData>
		<Data Name="Mode">Permissive</Data>
		<Data Name="ObjectType">Key</Data>
		<Data Name="ObjectName">\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe</Data>
		<Data Name="ProcessName">\Device\HarddiskVolume3\Windows\System32\notepad.exe</Data>
		<Data Name="ObjectCreatorProcessName"></Data>
		<Data Name="AccessMask">0x9</Data>
		<Data Name="TokenType">       1</Data>
		<Data Name="ImpersonationLevel">       0</Data>
		<Data Name="SessionId">       1</Data>
		<Data Name="LowBoxNumber">      18</Data>
		<Data Name="TokenGroupsCount">       1</Data>
		<ComplexData Name="TokenGroups">
			<Data Name="GroupAttributes">0x0</Data>
			<Data Name="GroupSid">S-1-5-21-2132944913-3894426601-2088357866-1000</Data>
		</ComplexData>
		<Data Name="TokenPackageCount">       1</Data>
		<ComplexData Name="TokenPackage">
			<Data Name="PackageSid">S-1-15-2-3573185071-1305232710-3586399557-853445500-2893132591-3326066854-537196996</Data>
		</ComplexData>
		<Data Name="TokenCapabilityCount">       1</Data>
		<ComplexData Name="TokenCapabilities">
			<Data Name="CapabilityAttributes">0x4</Data>
			<Data Name="CapabilitySid">S-1-15-3-1024-3247294477-1055689029-3368529789-3941363664-2797964971-2286479452-540989846-2924655214</Data>
		</ComplexData>
		<Data Name="TokenTrustLevelCount">       0</Data>
		<ComplexData Name="TokenTrustLevel">
		</ComplexData>
		<Data Name="SecurityDescriptorRevision">1</Data>
		<Data Name="SecurityDescriptorControl">0x8C14</Data>
		<Data Name="SecurityDescriptorOwner">S-1-5-18</Data>
		<Data Name="SecurityDescriptorGroup">S-1-5-18</Data>
		<Data Name="DaclRevision">2</Data>
		<Data Name="DaclAceCount">11</Data>
		<ComplexData Name="DaclAce">
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x10</Data>
			<Data Name="AccessMask">0x20019</Data>
			<Data Name="Sid">S-1-5-32-545</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x1A</Data>
			<Data Name="AccessMask">0x80000000</Data>
			<Data Name="Sid">S-1-5-32-545</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x10</Data>
			<Data Name="AccessMask">0xF003F</Data>
			<Data Name="Sid">S-1-5-32-544</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x1A</Data>
			<Data Name="AccessMask">0x10000000</Data>
			<Data Name="Sid">S-1-5-32-544</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x10</Data>
			<Data Name="AccessMask">0xF003F</Data>
			<Data Name="Sid">S-1-5-18</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x1A</Data>
			<Data Name="AccessMask">0x10000000</Data>
			<Data Name="Sid">S-1-5-18</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x1A</Data>
			<Data Name="AccessMask">0x10000000</Data>
			<Data Name="Sid">S-1-3-0</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x10</Data>
			<Data Name="AccessMask">0x20019</Data>
			<Data Name="Sid">S-1-15-2-1</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x1A</Data>
			<Data Name="AccessMask">0x80000000</Data>
			<Data Name="Sid">S-1-15-2-1</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x10</Data>
			<Data Name="AccessMask">0x20019</Data>
			<Data Name="Sid">redacted</Data>
			<Data Name="AceType">       0</Data>
			<Data Name="AceFlags">0x1A</Data>
			<Data Name="AccessMask">0x80000000</Data>
			<Data Name="Sid">redacted</Data>
		</ComplexData>
		<Data Name="SaclRevision">0</Data>
		<Data Name="SaclAceCount">0</Data>
		<ComplexData Name="SaclAce">
		</ComplexData>
	</EventData>
	<RenderingInfo Culture="en-US">
		<Level>Error </Level>
		<Keywords>
			<Keyword>KERNEL_GENERAL_SECURITY_ACCESSCHECK</Keyword>
		</Keywords>
		<Provider>Microsoft-Windows-Kernel-General </Provider>
	</RenderingInfo>
</Event>
</Events>

 

Needs to look like this:

<Events>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
	<System>
		<Provider Name="Microsoft-Windows-Kernel-General" Guid="{a68ca8b7-004f-d7b6-a698-07e2de0f1f5d}" />
		<EventID>14</EventID>
		<Version>0</Version>
		<Level>2</Level>
		<Task>0</Task>
		<Opcode>0</Opcode>
		<Keywords>0x20</Keywords>
		<TimeCreated SystemTime="2024-12-21T06:15:52.738555100-05:00" />
		<Correlation ActivityID="{00000000-0000-0000-0000-000000000000}" />
		<Execution ProcessID="12512" ThreadID="14168" ProcessorID="0" KernelTime="0" UserTime="0" />
		<Channel />
		<Computer />
	</System>
	<EventData>
		<Data Name="Mode">Permissive</Data>
		<Data Name="ObjectType">Key</Data>
		<Data Name="ObjectName">\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options</Data>
		<Data Name="ProcessName">\Device\HarddiskVolume3\Windows\System32\notepad.exe</Data>
		<Data Name="ObjectCreatorProcessName"></Data>
		<Data Name="AccessMask">0x9</Data>
		<Data Name="TokenType">       1</Data>
		<Data Name="ImpersonationLevel">       0</Data>
		<Data Name="SessionId">       1</Data>
		<Data Name="LowBoxNumber">      18</Data>
		<Data Name="TokenGroupsCount">       1</Data>
		<Data Name="TokenPackageCount">       1</Data>
		<Data Name="TokenCapabilityCount">       1</Data>
		<Data Name="TokenTrustLevelCount">       0</Data>
		<Data Name="SecurityDescriptorRevision">1</Data>
		<Data Name="SecurityDescriptorControl">0x9C14</Data>
		<Data Name="SecurityDescriptorOwner">S-1-5-18</Data>
		<Data Name="SecurityDescriptorGroup">S-1-5-18</Data>
		<Data Name="DaclRevision">2</Data>
		<Data Name="DaclAceCount">12</Data>
		<Data Name="SaclRevision">0</Data>
		<Data Name="SaclAceCount">0</Data>
	</EventData>
	<RenderingInfo Culture="en-US">
		<Level>Error </Level>
		<Keywords>
			<Keyword>KERNEL_GENERAL_SECURITY_ACCESSCHECK</Keyword>
		</Keywords>
		<Provider>Microsoft-Windows-Kernel-General </Provider>
	</RenderingInfo>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
	<System>
		<Provider Name="Microsoft-Windows-Kernel-General" Guid="{a68ca8b7-004f-d7b6-a698-07e2de0f1f5d}" />
		<EventID>14</EventID>
		<Version>0</Version>
		<Level>2</Level>
		<Task>0</Task>
		<Opcode>0</Opcode>
		<Keywords>0x20</Keywords>
		<TimeCreated SystemTime="2024-12-21T06:15:52.738569200-05:00" />
		<Correlation ActivityID="{00000000-0000-0000-0000-000000000000}" />
		<Execution ProcessID="12512" ThreadID="14168" ProcessorID="0" KernelTime="0" UserTime="0" />
		<Channel />
		<Computer />
	</System>
	<EventData>
		<Data Name="Mode">Permissive</Data>
		<Data Name="ObjectType">Key</Data>
		<Data Name="ObjectName">\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe</Data>
		<Data Name="ProcessName">\Device\HarddiskVolume3\Windows\System32\notepad.exe</Data>
		<Data Name="ObjectCreatorProcessName"></Data>
		<Data Name="AccessMask">0x9</Data>
		<Data Name="TokenType">       1</Data>
		<Data Name="ImpersonationLevel">       0</Data>
		<Data Name="SessionId">       1</Data>
		<Data Name="LowBoxNumber">      18</Data>
		<Data Name="TokenGroupsCount">       1</Data>
		<Data Name="TokenPackageCount">       1</Data>
		<Data Name="TokenCapabilityCount">       1</Data>
		<Data Name="TokenTrustLevelCount">       0</Data>
		<Data Name="SecurityDescriptorRevision">1</Data>
		<Data Name="SecurityDescriptorControl">0x8C14</Data>
		<Data Name="SecurityDescriptorOwner">S-1-5-18</Data>
		<Data Name="SecurityDescriptorGroup">S-1-5-18</Data>
		<Data Name="DaclRevision">2</Data>
		<Data Name="DaclAceCount">11</Data>
		<Data Name="SaclRevision">0</Data>
		<Data Name="SaclAceCount">0</Data>
	</EventData>
	<RenderingInfo Culture="en-US">
		<Level>Error </Level>
		<Keywords>
			<Keyword>KERNEL_GENERAL_SECURITY_ACCESSCHECK</Keyword>
		</Keywords>
		<Provider>Microsoft-Windows-Kernel-General </Provider>
	</RenderingInfo>
</Event>
</Events>

 

Essentially, I need all of the ComplexData nodes removed.

Some of the StringReplace/StringRegExpReplace/StringBetween examples on the forum worked for certain node examples that were on a single line (eg. <Data Name="AccessMask">0x1</Data>). But my biggest problem with the ComplexData node removal is that they span multiple lines in the file, making it more difficult.

 

Thank you for your time. I did beyond my best efforts to try hundreds of different techniques before asking for help here but everything failed. My understanding of XML structure is lacking quite a bit also. I appreciate any and all help and I am thankful for your time.

Edited by WildByDesign
XML syntax doesn't appear to be working in code block
  • Solution
Posted

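That seems to work fine:

#include <Constants.au3>

Local $oXML = ObjCreate("Microsoft.XMLDOM")
; Load synchronously so the document is fully parsed before it is queried
$oXML.async = False
$oXML.load("Event.xml")
If $oXML.parseError.errorCode Then Exit MsgBox($MB_SYSTEMMODAL, "You have an error", $oXML.parseError.reason)

; Select every ComplexData element at any depth and remove them all in one call
Local $oNode = $oXML.SelectNodes("//ComplexData")
$oNode.removeAll()
$oXML.save("New Event.xml")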

 

Posted
Local $oNode = $oXML.SelectNodes("//ComplexData")
$oXML.removeAll($oNode)
$oXML.save("New Event.xml")

Thank you for the quick response, @Nine

I can’t test it yet until later in the day, but I can immediately see where I messed up. I did something very similar but made my mistake on the removeAll line similar to the code box at the top of this message.

The forum won't allow me to position the code box anywhere else in my message on my iPhone for some reason.

Anyway, I really appreciate your help. I will mark your response as the answer later in the day when I get a chance to test it.

Posted

FYI, a pedestrian way using regex is also pretty fast:

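Local $s = FileRead("events.xml")
; (?i) = case-insensitive, (?s) = "." also matches line breaks, so multi-line blocks match.
; ".*?" is lazy: each match ends at the nearest </ComplexData>.
Local $t = StringRegExpReplace($s, "(?is)(\s*<ComplexData .*?</ComplexData>)", "")
ConsoleWrite($t & @LF)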

 


Posted

@jchd Thank you for providing an alternative method as well. I was going to use your method if the XML method ended up being too slow. However, it was even faster than I was expecting so I ended up going with the XML method.

@Nine Thank you again. I ended up marking your response as the answer. It worked flawlessly for over 3,000 removed entries in a single XML document and was incredibly fast.

If you don't mind, I have another question regarding these same XML entries. The last remaining thing that I need to do is remove unnecessary entries.

Example:

<Events>
	<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
		<System>
			<Provider Name="Microsoft-Windows-Kernel-General" Guid="{a68ca8b7-004f-d7b6-a698-07e2de0f1f5d}"/>
			<EventID>14</EventID>
			<Version>0</Version>
			<Level>2</Level>
			<Task>0</Task>
			<Opcode>0</Opcode>
			<Keywords>0x20</Keywords>
			<TimeCreated SystemTime="2024-12-21T06:15:52.741305000-05:00"/>
			<Correlation ActivityID="{00000000-0000-0000-0000-000000000000}"/>
			<Execution ProcessID="12512" ThreadID="14168" ProcessorID="0" KernelTime="0" UserTime="0"/>
			<Channel/>
			<Computer/>
		</System>
		<ProcessingErrorData>
			<ErrorCode>111</ErrorCode>
			<DataItemName/>
			<EventPayload>5000650072006D0069007300730069007600650000004B006500790000005C00520045004700490053005400520059005C004D0041004300480049004E0045005C00530059005300540045004D005C0043006F006E00740072006F006C005300650074003000300031005C0043006F006E00740072006F006C005C004E006C0073005C0053006F007200740069006E0067005C00560065007200730069006F006E0073005C004400650076006900630065005C0048006100720064006400690073006B0056006F006C0075006D00650033005C00570069006E0064006F00770073005C00530079007300740065006D00330032005C006E006F00740065007000610064002E0065007800650000000000190002000100000000000000010000001200000001000000000000000105000000000005150000001128227FE93B20E8EACF797CE803000001000000010800000000000F020000002F7AFAD44645CC4D451DC4D57C8BDE322FB371ACA6C03FC6C4F904200100000004000000010A00000000000F03000000000400000DC88DC14589EC3E7DAFC7C8D06FECEAAB8EC5A65CE8488896D93E206EB252AE0000000001148C0101000000000005120000000101000000000005120000000206000000000012000000190002000102000000000005200000002102000000000000120000003F000F000102000000000005200000002002000000000000120000003F000F00010100000000000512000000000000001A0000003F000F00010100000000000300000000000000001200000019000200010200000000000F0200000001000000000000001200000019000200010A00000000000F0300000000040000B031803F6CBC634C3CE050D1970CA1620F01CB197E7AA6C0FAE697F119A30CCE000000</EventPayload>
		</ProcessingErrorData>
		<RenderingInfo Culture="en-US">
			<Level>Error </Level>
			<Keywords>
				<Keyword>KERNEL_GENERAL_SECURITY_ACCESSCHECK</Keyword>
			</Keywords>
			<Provider>Microsoft-Windows-Kernel-General </Provider>
		</RenderingInfo>
	</Event>
	<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
		<System>
			<Provider Name="Microsoft-Windows-Kernel-General" Guid="{a68ca8b7-004f-d7b6-a698-07e2de0f1f5d}"/>
			<EventID>14</EventID>
			<Version>0</Version>
			<Level>2</Level>
			<Task>0</Task>
			<Opcode>0</Opcode>
			<Keywords>0x20</Keywords>
			<TimeCreated SystemTime="2024-12-21T06:15:52.741839700-05:00"/>
			<Correlation ActivityID="{00000000-0000-0000-0000-000000000000}"/>
			<Execution ProcessID="12512" ThreadID="14168" ProcessorID="3" KernelTime="0" UserTime="0"/>
			<Channel/>
			<Computer/>
		</System>
		<EventData>
			<Data Name="Mode">Permissive</Data>
			<Data Name="ObjectType"></Data>
			<Data Name="ObjectName"></Data>
			<Data Name="ProcessName">\Device\HarddiskVolume3\Windows\System32\notepad.exe</Data>
			<Data Name="ObjectCreatorProcessName"></Data>
			<Data Name="AccessMask">0x800</Data>
			<Data Name="TokenType">       1</Data>
			<Data Name="ImpersonationLevel">       0</Data>
			<Data Name="SessionId">       1</Data>
			<Data Name="LowBoxNumber">      18</Data>
			<Data Name="TokenGroupsCount">       1</Data>
			<Data Name="TokenPackageCount">       1</Data>
			<Data Name="TokenCapabilityCount">       1</Data>
			<Data Name="TokenTrustLevelCount">       0</Data>
			<Data Name="SecurityDescriptorRevision">1</Data>
			<Data Name="SecurityDescriptorControl">0x8004</Data>
			<Data Name="SecurityDescriptorOwner">S-1-5-32-544</Data>
			<Data Name="SecurityDescriptorGroup">S-1-5-32-544</Data>
			<Data Name="DaclRevision">2</Data>
			<Data Name="DaclAceCount">9</Data>
			<Data Name="SaclRevision">0</Data>
			<Data Name="SaclAceCount">0</Data>
		</EventData>
		<RenderingInfo Culture="en-US">
			<Level>Error </Level>
			<Keywords>
				<Keyword>KERNEL_GENERAL_SECURITY_ACCESSCHECK</Keyword>
			</Keywords>
			<Provider>Microsoft-Windows-Kernel-General </Provider>
		</RenderingInfo>
	</Event>
</Events>

There are two events there in this example. However, the ones that I need to process have hundreds.

Basically, the ones that I want to keep have an <EventData> section. The events that I want to delete do not have an <EventData> section.

Also, the events that I want to delete have a <ProcessingErrorData> section while the ones that I want to keep do not have that section.

So I need to do some sort of "if it contains this section, delete the event node".

But I don't know how to check if it contains that node, and if it does, go back to the event node and delete that event.

I hope that I explained it well enough. Thank you for your time.

Posted
15 hours ago, WildByDesign said:

the ones that I want to keep have an <EventData> section. The events that I want to delete do not have an <EventData> section

#include <Constants.au3>

; Register a COM error handler so a COM failure does not abort the script
Global $oComError = ObjEvent('AutoIt.Error', ErrorHandler)

Local $oXML = ObjCreate("Microsoft.XMLDOM")
$oXML.async = False
$oXML.load("Event.xml")
If $oXML.parseError.errorCode Then Exit MsgBox($MB_SYSTEMMODAL, "You have an error", $oXML.parseError.reason)

; Remove every ComplexData element
Local $oNodes = $oXML.SelectNodes("//ComplexData")
$oNodes.removeAll()

; Remove each Event that has no EventData child
Local $oData
$oNodes = $oXML.SelectNodes("//Event")
For $oNode In $oNodes
  $oData = $oNode.selectSingleNode("EventData")
  If Not IsObj($oData) Then
    $oXML.documentElement.removeChild($oNode)
  EndIf

Next

$oXML.save("Event New.xml")

; Intentionally empty: COM errors are silently ignored
Func ErrorHandler($oError)
EndFunc

I will let you do the <ProcessingErrorData> part.
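
The "if it contains this section, delete the event node" check asked about above can also be written as a single XPath predicate. The following is an added example, not code from the thread. It assumes MSXML 6.0 (`Msxml2.DOMDocument.6.0`), which evaluates XPath 1.0 and therefore needs a prefix bound to the events namespace. The prefix `e` and the sample XML are constructed for illustration.

```autoit
; Constructed sample: one event that failed to decode (ProcessingErrorData)
; and one normal event (EventData with a ComplexData block).
Local Const $sNS = "http://schemas.microsoft.com/win/2004/08/events/event"
Local $sSample = '<Events>' & _
        '<Event xmlns="' & $sNS & '"><System><EventID>14</EventID></System>' & _
        '<ProcessingErrorData><ErrorCode>111</ErrorCode></ProcessingErrorData></Event>' & _
        '<Event xmlns="' & $sNS & '"><System><EventID>14</EventID></System>' & _
        '<EventData><Data Name="Mode">Permissive</Data>' & _
        '<ComplexData Name="TokenGroups"><Data Name="GroupSid">S-1-5-18</Data></ComplexData>' & _
        '</EventData></Event>' & _
        '</Events>'

; MSXML 6.0 prohibits DTDs by default, which suits exported logs that
; may come from another machine.
Local $oXML = ObjCreate("Msxml2.DOMDocument.6.0")
If Not IsObj($oXML) Then
    ConsoleWrite("MSXML 6.0 is not available" & @CRLF)
    Exit 1
EndIf
$oXML.async = False
$oXML.loadXML($sSample)
If $oXML.parseError.errorCode Then
    ConsoleWrite("Parse error: " & $oXML.parseError.reason & @CRLF)
    Exit 1
EndIf

; <Event> declares a default namespace. XPath 1.0 has no notion of a default
; namespace, so bind it to a prefix ("e" is an arbitrary choice).
$oXML.setProperty("SelectionNamespaces", "xmlns:e='" & $sNS & "'")

; The predicate in [...] keeps only Event elements that contain a
; ProcessingErrorData child or lack an EventData child.
Local $oBad = $oXML.selectNodes("/Events/e:Event[e:ProcessingErrorData or not(e:EventData)]")
Local $iDropped = $oBad.length
$oBad.removeAll()

; Strip the ComplexData blocks from the events that remain.
Local $oComplex = $oXML.selectNodes("//e:ComplexData")
Local $iComplex = $oComplex.length
$oComplex.removeAll()

; Report what was removed so the trimmed log can be reconciled with the source.
ConsoleWrite("Events removed: " & $iDropped & ", ComplexData removed: " & $iComplex & @CRLF)
ConsoleWrite($oXML.xml & @CRLF)
```

To process a file instead of the inline sample, replace `loadXML($sSample)` with `load("Event.xml")` and finish with `$oXML.save(...)` as in the answers above.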

Posted

Thank you so much. This worked perfectly and very fast.

 

23 hours ago, Nine said:

I will let you do the <ProcessingErrorData> part.

The good thing is that I didn't even end up needing to do this part. Your code snippet already removed these.

Also, your code snippet helped me to understand how to properly navigate XML files better. I was able to use that new understanding to modify a few other parts of the XML successfully. I really appreciate the time that you put into helping me.
