Unterminated entity reference in PHP
My solution to this is specifically creating a text node, which makes sure absolutely everything is escaped properly:
$cell = $dom->createElement('td');
$cell->appendChild($dom->createTextNode($value));
This correctly encodes the & < >
and "" ''
$parent->addChild($name, htmlspecialchars($value));
SimpleXMLElement
is actually a system resource which behaves like an object. Which makes working with loops tricky. So when trying to add new child elements
instead of this:
$product->addchild('element', $value);
do this:
$product->element = $value;
or you can use htmlspecialchars()
, to escape html characters.
Note:
mysql_*
is deprecated as of php-5.5 and removed as of php-7. So instead use mysqli_*
or PDO
.
Why shouldn't I use mysql_* functions in PHP?