User Security for XML

Question

User Security for XML

What is the best practice for generating valid XML with PHP from user-submitted text, for example. eCommerce sales data with ampersands, angle brackets, accents without ascii, newlines, etc. etc.

What functions, libraries, regular expressions do people use?

+5

xml php character-encoding

jerrygarciuh Jun 14 '12 at 19:45

source share

4 answers

, . , base64 uuencode XML-.

+1

hakre 14 . '12 21:10

0

John conde Jun 14 '12 at 19:47

source share

You can also try:

html_entity_decode ()

0

Sebastien gicquel Nov 06 '12 at 2:48

source share

Steve robbins · Accepted Answer · 2012-06-14T19:48:11+0000

Wrap information in tags CDATAand encode data withhtmlentities()

'<tag><![CDATA[' . htmlentities($theData) . ']]></tag>'

Or using the DOM

$dom = new DOMDocument("1.0", "utf-8");

/* ... */

$dom->createCDATASection(htmlentities($theData));

User Security for XML

More articles: