DOMDocument Load XML giving error & quotes insert error

Posted on 2008-11-13
Medium Priority
Last Modified: 2012-05-05
Hello All
I have a user form and the clients fill the information. On submit, Im making it as XML and posting it to XML. Now the problem happend when sombody enters any special chanrachters like "&" or double quotes. then the xml is not loaded. it but if a plain text is inserted then its all fine.
The user on the web is free to insert any text in the textbox, so how can i tackle this problem.
Secondly, what if in the text user inserts " double quotes, then my query gives error.
I tried using addslash but for some reason it doesn\t work.

$objDOM = new DOMDocument();

above is the code for loading the xmlstring which is posted by the form.

plz help
Question by:VBpassion
  • 2
LVL 10

Expert Comment

ID: 22953124
Use this instead:

$objDOM = new DOMDocument();
$objDOM->loadXML(htmlentities($xmlstring, ENT_QUOTES));

Author Comment

ID: 22957847
Hi i did that, now its saying,
Warning: DOMDocument::loadXML() [function.DOMDocument-loadXML]: Start tag expected, '<' not found in Entity.

Just to let u know my XML which is posted is this
   <child> sgsgsgssdgsdgsdg</child>
   <child>the mansion & the palace, "dracula" the movie</child>

What i understand from the above errror is, when i say the xmlobject is unable to find the < tag because of the fucntion which u asked me to do. or may be somethign else..

kindly help to resolved....im really stuck

LVL 10

Accepted Solution

ray-solomon earned 320 total points
ID: 22958244
I see. You need to apply the htmlentities() function to the content of the xml string and not the xml itself.

For Example:
   <child> sgsgsgssdgsdgsdg</child>
   <child>the mansion & the palace, "dracula" the movie</child>

will be this:
   <child> sgsgsgssdgsdgsdg</child>
   <child>the mansion &amp; the palace, &quot;dracula&quot; the movie</child>

You can do this by finding the script that is generating the xml code for the $xmlstring variable and applying the htmlentities to the content between the element nodes.

If you show me the code for that I can help you determine where to use the htmlentities() function.


Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

JavaScript has plenty of pieces of code people often just copy/paste from somewhere but never quite fully understand. Self-Executing functions are just one good example that I'll try to demystify here.
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
Suggested Courses
Course of the Month14 days, 19 hours left to enroll

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question