February 2010 – dom.hastin.gs

Because htmlentities() doesn’t even come close.

This small file contains 4 functions (2 of which are taken from the PHP manual, credit given!) which will allow you to encode and decode entities from ASCII/unicode strings in either decimal or hexadecimal format for use in valid XML documents.

The xml_entity_decode() function accepts an optional second parameter to allow non-standard XML entities (that may have been specified in your schema) in the format:

array(
  // 'entity' => 'char'
  'amp' => '&',
  'lt' => '<',
  'gt' => '>',
  'apos' => '\'',
  'quot' => '"'
)

array(

// 'entity' => 'char'

'amp' => '&',

'lt' => '<',

'gt' => '>',

'apos' => '\'',

'quot' => '"'

)

Example usage:

include('funcs.xmlentities.php');

$s = '<strong>This</strong> should be safe, but don\'t assume!<br/>';
print '<Field>'.xmlentities($s).'</Field>';
// outputs: <Field>&lt;strong&gt;This&lt;/strong&gt; should be safe, but don&apos;t assume!&lt;br/&gt;</Field>

include('funcs.xmlentities.php');

$s = 'This should be safe, but don\'t assume! ';

print '<Field>'.xmlentities($s).'</Field>';

// outputs: <Field>This should be safe, but don't assume! </Field>

You can get the script here, or there’s a demo here too.

Month: February 2010

XML Entities in PHP