更新时间:2022-10-22 07:42:46
尝试
code> htmlspecialchars($ string_from_hell,ENT_QUOTES,UTF-8)
htmlentities
不会这样做,因为它将创建不能在XML中识别的HTML实体,而只能HTML。您还应该指定字符集,因为默认值不是UTF-8,它是ISO-8859-1。
您还缺少引号()。
还有更好的方法来创建处理转义的XML文件,例如 XMLWriter 。
I have some strings that are valid in my database but when I include them in an attribute of a UTF-8 XML output they give me the following error:
XML Parsing Error: not well-formed
My current code (simplified):
header('Content-Type: text/xml');
echo '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>';
echo '<root attribute="' . htmlentities($string_from_hell) . '">';
How should I format these strings before including them in XML attributes?
A possible value for $string_from_hell
: 
(don't know if it will show up properly)
Try
htmlspecialchars($string_from_hell, ENT_QUOTES, "UTF-8")
htmlentities
won't do because it will create HTML entities that are not recognized in XML, only HTML. You should also specify the charset because the default is not UTF-8, it's the ISO-8859-1.
You're also missing the quotes ("
) around the attribute value.
There are also better ways to create XML files that handle escaping for you. See e.g. XMLWriter.