I am trying to save a XML code as a string in PHP in order to save it into a database later. However, the XML seems to always be executed no matter if I use "" or ' '.
$Cxml = '<Conds><C><FieldNo>119</FieldNo><Filter>' . $variable . '</Filter></C></Conds>';
What am I doing wrong?
Just replace < by < and > by >
$variable = 12345;
$Cxml = '<Conds><C><FieldNo>119</FieldNo><Filter>' . $variable . '</Filter></C></Conds>';
$temp_var1 = str_replace('<','<',$Cxml);
$temp_var2 = str_replace('>','>',$temp_var1);
echo $temp_var2;
Output :
<Conds><C><FieldNo>119</FieldNo><Filter>12345</Filter></C></Conds>
Update :
The htmlspecialchars() function generates the same output. For example:
$Cxml = '<Conds><C><FieldNo>119</FieldNo><Filter>' . $variable . '</Filter></C></Conds>';
echo htmlspecialchars($Cxml);
Explanation :
The HTML character encoder converts all applicable characters to their corresponding HTML entities. Certain characters have special significance in HTML and should be converted to their correct HTML entities to preserve their meanings.
For example, it is not possible to use the < character as it is used in the HTML syntax to create and close tags. It must be converted to its corresponding < HTML entity to be displayed in the content of an HTML page. HTML entity names are case sensitive.
$variable = 2; $Cxml = '<Conds><C><FieldNo>119</FieldNo><Filter>2</Filter></C></Conds>'and I am getting$Cxml = 1192