0

please someone help me?

I export products from the database via PHP to XML. I'm using this code for that(short code):

PHP:

$my_file = "xml/my_xml_file.xml";
$fh = fopen($myFile, 'w');
while($new_query = mysqli_fetch_assoc($query)) {
  $xml_file .= '<ELEMENT1>'.$new_query['element_data_text'].'</ELEMENT1>'.PHP_EOL;
}
fwrite($fh, $xml_file);
fclose($fh);

The code runs and saves a file in which I can see all the elements in order. The above mentioned element looks like this:

XML:

<ELEMENT1>Consulted disposing to moonlight ye extremity. Engage piqued in on coming. </ELEMENT1>

The problem occurs when I import XML into my customer's application. The application will return an error:

Bad data type of parameter [ELEMENT1], expected string, received object.

Improve this question
5
  • Have you reached out to the customer and asked them why it would be wrong? In the exact example above, it wouldn't matter, but perhaps you have some data which would require the string to be inside CDATA tags. Commented Dec 16, 2019 at 20:15
  • @PatrickQ customer response: "you send us bad data in a element1 that I don't know from the feed. Look at it from your side." Commented Dec 16, 2019 at 20:20
  • @PatrickQ When adding CDATA, the result is the same Commented Dec 16, 2019 at 20:26
  • Honestly, if they're not willing to tell you what's wrong, I'd tell them to bugger off. The message is coming from their system. I don't think there's really anything we can do to help, based on the information you've given. Commented Dec 16, 2019 at 20:27
  • @NigelRen I'm sorry I wrote it to be 'code'@new_query'code' Commented Dec 16, 2019 at 21:09

1 Answer 1

Reset to default
2

Here are two problems visible in the source you posted.

  1. Your XML has no document element. It is invalid.
  2. You do not escape/encode the value from the database. It can break the XML or change the structure.

I suggest using XMLWriter. It is an API for just this kind of job:

$data = [
  ['element_data_text' => 'example text'],  
  ['element_data_text' => 'with special chars: < &'],
  ['element_data_text' => 'with a <strong>tag</strong>']  
];

$fileName = 'php://stdout';
$writer = new XMLWriter;
$writer->openURI($fileName);
$writer->setIndent(2);
$writer->startDocument();
$writer->startElement('DATA');

foreach ($data as $record) {
    $writer->writeElement('ELEMENT1', $record['element_data_text']);
}

$writer->endElement();
$writer->endDocument();

Output:

<?xml version="1.0"?>
<DATA>
 <ELEMENT1>example text</ELEMENT1>
 <ELEMENT1>with special chars: &lt; &amp;</ELEMENT1>
 <ELEMENT1>with a &lt;strong&gt;tag&lt;/strong&gt;</ELEMENT1>
</DATA>

The message could happen because the library the client uses returns an error object or it does generic mapping from XML to object structures (like SimpleXML).

If you generate the XML as text you should encode the dynamic values using htmlspecialchars().

$xml_file .= '<ELEMENT1>'.htmlspecialchars($new_query['element_data_text']).'</ELEMENT1>'.PHP_EOL;
Improve this answer
Sign up to request clarification or add additional context in comments.

6 Comments

Hello, xml has a complicated structure and the code would be too big to add it here ... That's why I just added part of the code. I understand the use of "" but due to the time constraint, I need to correct my code above.
The problem could also arise under conditions ... in the old code I have a lot of "if, elseif" therefore I think it would be time consuming to modify the code according to you.
Well, if you generate XML as text, you should at least use htmlspecialchars() on the database values.
htmlspecialchars() I tried my problem it did not fix
Have you tried validating the generated file with an XML validator?
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.