safely saving and reading xml

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
yacahuma
Forum Regular
Posts: 870
Joined: Sun Jul 01, 2007 7:11 am

safely saving and reading xml

Post by yacahuma »

I am writing an application where I am saving client's input into an xml string and then putting that into the database. the , of course , read it back.
I decided to add and spanish accent letter and pufff, the xml was destroyed. Since I am saving a lot of data into an xml
I cannot take the risk of the user messing up all his hard work.

What should I do to the data to safely save and read it on the xml string.


Thank you
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: safely saving and reading xml

Post by requinix »

Make sure you have the right encoding for the XML and the character.

If the character is in UTF-8 then your XML must be as well.
User avatar
yacahuma
Forum Regular
Posts: 870
Joined: Sun Jul 01, 2007 7:11 am

Re: safely saving and reading xml

Post by yacahuma »

that works, but

I was reading a tutorial from IBM that suggest writing the xml like

$str .= '<element>' . htmlentities('valuehere', ENQ_QUOTES, 'utf-8') . '</element>'

The problem is that when I use this code and the value is an accent letter, I will automatically get and error, since the xml will have invalid characters(the ampersand),

Why will the tutorial make this suggestion if it creates invalid xml?
User avatar
requinix
Spammer :|
Posts: 6617
Joined: Wed Oct 15, 2008 2:35 am
Location: WA, USA

Re: safely saving and reading xml

Post by requinix »

The problem is that the entity isn't defined, not that there's a & in the output.

Take the character as it is and run it through utf8_encode.

Code: Select all

$str .= '<element>' . utf8_encode('valuehere') . '</element>';
PS: The constant is ENT_QUOTES.
yacahuma wrote:Why will the tutorial make this suggestion if it creates invalid xml?
Good question.
Post Reply