Documentation
encode_to_xml
usage
string encode_to_xml ( string my_string )
parameters
my_string : the string to encode in XML
returns
Returns the string with reserved XML entities encoded.
- & becomes &
- > becomes >
- < becomes <
- ' becomes '
- " becomes "
PHP can be configured to add backslashes (\) before " and ' to avoid database hacks. If your PHP is configured in this way, don't forget to add stripcslashes() :
encode_to_xml(stripcslashes($_POST["myvar"]))