jvanasco Posted October 16, 2015 Share Posted October 16, 2015 Please excuse my messy code I am still very much learning how to use PHP. I have a php file that creates an xml file which then gets sent to my client using phpmailer. What is happening is when clients fill in my form/application it is allowing some ampersands and that is creating an issue when he is trying to import the xml into excel. What I was trying to do is us the htmlspecialchars function to fix this issue. My code is below which i have not synced up to the server yet as I want to make sure it will work. I really only need to make sure that any POST data in regards to ZONES is cleaning up any special characters. <?php foreach ($_POST as $key => $value) { $_POST[$key] = htmlspecialchars($value); } $myFile = "{$_POST['Last_Name']}-{$_POST['Request_Number']}.xml"; $fh = fopen($myFile, 'w') or die("can't open file"); $stringData = "<?xml version='1.0' encoding='windows-1250'?> <project> <RequestNumber>{$_POST['Request_Number']}</RequestNumber> <company>{$_POST['Company']}</company> <firstname>{$_POST['First_Name']}</firstname> <lastname>{$_POST['Last_Name']}</lastname> <phone>{$_POST['Phone']}</phone> <fax>{$_POST['Fax']}</fax> <email>{$_POST['Email']}</email> <address>{$_POST['Address']}</address> <city>{$_POST['City']}</city> <state>{$_POST['State']}</state> <zipcode>{$_POST['Zipcode']}</zipcode> <ProjectName>{$_POST['Project_Name']}</ProjectName> <ProjectZipcode>{$_POST['Project_Zipcode']}</ProjectZipcode> <Ease>{$_POST['Ease_of_Installation']}</Ease> <Performance>{$_POST['Performance']}</Performance> <startdate>{$_POST['Start_Date']}</startdate> <installerlevel>{$_POST['Installer_Level']}</installerlevel> <Heatsource>{$_POST['Heatsource']}</Heatsource> <overallstructureinsulation>{$_POST['Overall_structure_insulation']}</overallstructureinsulation> <comments>{$_POST['Comments']}</comments> <ZoneName> <ZoneName1>{$_POST['Zone_Name']}</ZoneName1> <ZoneName2>{$_POST['Zone_Name2']}</ZoneName2> <ZoneName3>{$_POST['Zone_Name3']}</ZoneName3> <ZoneName4>{$_POST['Zone_Name4']}</ZoneName4> <ZoneName5>{$_POST['Zone_Name5']}</ZoneName5> <ZoneName6>{$_POST['Zone_Name6']}</ZoneName6> <ZoneName7>{$_POST['Zone_Name7']}</ZoneName7> <ZoneName8>{$_POST['Zone_Name8']}</ZoneName8> <ZoneName9>{$_POST['Zone_Name9']}</ZoneName9> <ZoneName10>{$_POST['Zone_Name10']}</ZoneName10> </ZoneName> <DesignTemperature> <DesignTemp1>{$_POST['Design_Temperature']}</DesignTemp1> <DesignTemp2>{$_POST['Design_Temperature2']}</DesignTemp2> <DesignTemp3>{$_POST['Design_Temperature3']}</DesignTemp3> <DesignTemp4>{$_POST['Design_Temperature4']}</DesignTemp4> <DesignTemp5>{$_POST['Design_Temperature5']}</DesignTemp5> <DesignTemp6>{$_POST['Design_Temperature6']}</DesignTemp6> <DesignTemp7>{$_POST['Design_Temperature7']}</DesignTemp7> <DesignTemp8>{$_POST['Design_Temperature8']}</DesignTemp8> <DesignTemp9>{$_POST['Design_Temperature9']}</DesignTemp9> <DesignTemp10>{$_POST['Design_Temperature10']}</DesignTemp10> </DesignTemperature> <SnowMeltingClass> <SnowMelting1>{$_POST['Snow_Melting']}</SnowMelting1> <SnowMelting2>{$_POST['Snow_Melting2']}</SnowMelting2> <SnowMelting3>{$_POST['Snow_Melting3']}</SnowMelting3> <SnowMelting4>{$_POST['Snow_Melting4']}</SnowMelting4> <SnowMelting5>{$_POST['Snow_Melting5']}</SnowMelting5> <SnowMelting6>{$_POST['Snow_Melting6']}</SnowMelting6> <SnowMelting7>{$_POST['Snow_Melting7']}</SnowMelting7> <SnowMelting8>{$_POST['Snow_Melting8']}</SnowMelting8> <SnowMelting9>{$_POST['Snow_Melting9']}</SnowMelting9> <SnowMelting10>{$_POST['Snow_Melting10']}</SnowMelting10> </SnowMeltingClass> <TypeOfTubing> <Tubing1>{$_POST['Tubing']}</Tubing1> <Tubing2>{$_POST['Tubing2']}</Tubing2> <Tubing3>{$_POST['Tubing3']}</Tubing3> <Tubing4>{$_POST['Tubing4']}</Tubing4> <Tubing5>{$_POST['Tubing5']}</Tubing5> <Tubing6>{$_POST['Tubing6']}</Tubing6> <Tubing7>{$_POST['Tubing7']}</Tubing7> <Tubing8>{$_POST['Tubing8']}</Tubing8> <Tubing9>{$_POST['Tubing9']}</Tubing9> <Tubing10>{$_POST['Tubing10']}</Tubing10> </TypeOfTubing> <TypeOfInstallation> <Type_of_Installation1>{$_POST['Type_of_Installation']}</Type_of_Installation1> <Type_of_Installation2>{$_POST['Type_of_Installation2']}</Type_of_Installation2> <Type_of_Installation3>{$_POST['Type_of_Installation3']}</Type_of_Installation3> <Type_of_Installation4>{$_POST['Type_of_Installation4']}</Type_of_Installation4> <Type_of_Installation5>{$_POST['Type_of_Installation5']}</Type_of_Installation5> <Type_of_Installation6>{$_POST['Type_of_Installation6']}</Type_of_Installation6> <Type_of_Installation7>{$_POST['Type_of_Installation7']}</Type_of_Installation7> <Type_of_Installation8>{$_POST['Type_of_Installation8']}</Type_of_Installation8> <Type_of_Installation9>{$_POST['Type_of_Installation9']}</Type_of_Installation9> <Type_of_Installation10>{$_POST['Type_of_Installation10']}</Type_of_Installation10> </TypeOfInstallation> <SlabThickness> <SlabThickness1>{$_POST['Slab_Thickness']}</SlabThickness1> <SlabThickness2>{$_POST['Slab_Thickness2']}</SlabThickness2> <SlabThickness3>{$_POST['Slab_Thickness3']}</SlabThickness3> <SlabThickness4>{$_POST['Slab_Thickness4']}</SlabThickness4> <SlabThickness5>{$_POST['Slab_Thickness5']}</SlabThickness5> <SlabThickness6>{$_POST['Slab_Thickness6']}</SlabThickness6> <SlabThickness7>{$_POST['Slab_Thickness7']}</SlabThickness7> <SlabThickness8>{$_POST['Slab_Thickness8']}</SlabThickness8> <SlabThickness9>{$_POST['Slab_Thickness9']}</SlabThickness9> <SlabThickness10>{$_POST['Slab_Thickness10']}</SlabThickness10> </SlabThickness> <ThinSlab> <thinslab1>{$_POST['Thin_Slab']}</thinslab1> <thinslab2>{$_POST['Thin_Slab2']}</thinslab2> <thinslab3>{$_POST['Thin_Slab3']}</thinslab3> <thinslab4>{$_POST['Thin_Slab4']}</thinslab4> <thinslab5>{$_POST['Thin_Slab5']}</thinslab5> <thinslab6>{$_POST['Thin_Slab6']}</thinslab6> <thinslab7>{$_POST['Thin_Slab7']}</thinslab7> <thinslab8>{$_POST['Thin_Slab8']}</thinslab8> <thinslab9>{$_POST['Thin_Slab9']}</thinslab9> <thinslab10>{$_POST['Thin_Slab10']}</thinslab10> </ThinSlab> <OverSubfloor> <OverSubfloor1>{$_POST['Over_Subfloor']}</OverSubfloor1> <OverSubfloor2>{$_POST['Over_Subfloor2']}</OverSubfloor2> <OverSubfloor3>{$_POST['Over_Subfloor3']}</OverSubfloor3> <OverSubfloor4>{$_POST['Over_Subfloor4']}</OverSubfloor4> <OverSubfloor5>{$_POST['Over_Subfloor5']}</OverSubfloor5> <OverSubfloor6>{$_POST['Over_Subfloor6']}</OverSubfloor6> <OverSubfloor7>{$_POST['Over_Subfloor7']}</OverSubfloor7> <OverSubfloor8>{$_POST['Over_Subfloor8']}</OverSubfloor8> <OverSubfloor9>{$_POST['Over_Subfloor9']}</OverSubfloor9> <OverSubfloor10>{$_POST['Over_Subfloor10']}</OverSubfloor10> </OverSubfloor> <JoistSpacing> <JoistSpacing1>{$_POST['Joist_Spacing']}</JoistSpacing1> <JoistSpacing2>{$_POST['Joist_Spacing2']}</JoistSpacing2> <JoistSpacing3>{$_POST['Joist_Spacing3']}</JoistSpacing3> <JoistSpacing4>{$_POST['Joist_Spacing4']}</JoistSpacing4> <JoistSpacing5>{$_POST['Joist_Spacing5']}</JoistSpacing5> <JoistSpacing6>{$_POST['Joist_Spacing6']}</JoistSpacing6> <JoistSpacing7>{$_POST['Joist_Spacing7']}</JoistSpacing7> <JoistSpacing8>{$_POST['Joist_Spacing8']}</JoistSpacing8> <JoistSpacing9>{$_POST['Joist_Spacing9']}</JoistSpacing9> <JoistSpacing10>{$_POST['Joist_Spacing10']}</JoistSpacing10> </JoistSpacing> <Subfloor> <Subfloor1>{$_POST['Subfloor']}</Subfloor1> <Subfloor2>{$_POST['Subfloor2']}</Subfloor2> <Subfloor3>{$_POST['Subfloor3']}</Subfloor3> <Subfloor4>{$_POST['Subfloor4']}</Subfloor4> <Subfloor5>{$_POST['Subfloor5']}</Subfloor5> <Subfloor6>{$_POST['Subfloor6']}</Subfloor6> <Subfloor7>{$_POST['Subfloor7']}</Subfloor7> <Subfloor8>{$_POST['Subfloor8']}</Subfloor8> <Subfloor9>{$_POST['Subfloor9']}</Subfloor9> <Subfloor10>{$_POST['Subfloor10']}</Subfloor10> </Subfloor> <Area> <Area1>{$_POST['Area']}</Area1> <Area2>{$_POST['Area2']}</Area2> <Area3>{$_POST['Area3']}</Area3> <Area4>{$_POST['Area4']}</Area4> <Area5>{$_POST['Area5']}</Area5> <Area6>{$_POST['Area6']}</Area6> <Area7>{$_POST['Area7']}</Area7> <Area8>{$_POST['Area8']}</Area8> <Area9>{$_POST['Area9']}</Area9> <Area10>{$_POST['Area10']}</Area10> </Area> <WindowArea> <WindowArea1>{$_POST['Window_Area']}</WindowArea1> <WindowArea2>{$_POST['Window_Area2']}</WindowArea2> <WindowArea3>{$_POST['Window_Area3']}</WindowArea3> <WindowArea4>{$_POST['Window_Area4']}</WindowArea4> <WindowArea5>{$_POST['Window_Area5']}</WindowArea5> <WindowArea6>{$_POST['Window_Area6']}</WindowArea6> <WindowArea7>{$_POST['Window_Area7']}</WindowArea7> <WindowArea8>{$_POST['Window_Area8']}</WindowArea8> <WindowArea9>{$_POST['Window_Area9']}</WindowArea9> <WindowArea10>{$_POST['Window_Area10']}</WindowArea10> </WindowArea> <WallLength> <WallLength1>{$_POST['Wall_Length']}</WallLength1> <WallLength2>{$_POST['Wall_Length2']}</WallLength2> <WallLength3>{$_POST['Wall_Length3']}</WallLength3> <WallLength4>{$_POST['Wall_Length4']}</WallLength4> <WallLength5>{$_POST['Wall_Length5']}</WallLength5> <WallLength6>{$_POST['Wall_Length6']}</WallLength6> <WallLength7>{$_POST['Wall_Length7']}</WallLength7> <WallLength8>{$_POST['Wall_Length8']}</WallLength8> <WallLength9>{$_POST['Wall_Length9']}</WallLength9> <WallLength10>{$_POST['Wall_Length10']}</WallLength10> </WallLength> <DoorArea> <DoorArea1>{$_POST['Door_Area']}</DoorArea1> <DoorArea2>{$_POST['Door_Area2']}</DoorArea2> <DoorArea3>{$_POST['Door_Area3']}</DoorArea3> <DoorArea4>{$_POST['Door_Area4']}</DoorArea4> <DoorArea5>{$_POST['Door_Area5']}</DoorArea5> <DoorArea6>{$_POST['Door_Area6']}</DoorArea6> <DoorArea7>{$_POST['Door_Area7']}</DoorArea7> <DoorArea8>{$_POST['Door_Area8']}</DoorArea8> <DoorArea9>{$_POST['Door_Area9']}</DoorArea9> <DoorArea10>{$_POST['Door_Area10']}</DoorArea10> </DoorArea> <CeilingHeight> <CeilingHeight1>{$_POST['Ceiling_Height']}</CeilingHeight1> <CeilingHeight2>{$_POST['Ceiling_Height2']}</CeilingHeight2> <CeilingHeight3>{$_POST['Ceiling_Height3']}</CeilingHeight3> <CeilingHeight4>{$_POST['Ceiling_Height4']}</CeilingHeight4> <CeilingHeight5>{$_POST['Ceiling_Height5']}</CeilingHeight5> <CeilingHeight6>{$_POST['Ceiling_Height6']}</CeilingHeight6> <CeilingHeight7>{$_POST['Ceiling_Height7']}</CeilingHeight7> <CeilingHeight8>{$_POST['Ceiling_Height8']}</CeilingHeight8> <CeilingHeight9>{$_POST['Ceiling_Height9']}</CeilingHeight9> <CeilingHeight10>{$_POST['Ceiling_Height10']}</CeilingHeight10> </CeilingHeight> <HeatedAbove> <heatedabove1>{$_POST['Heated_Above']}</heatedabove1> <heatedabove2>{$_POST['Heated_Above2']}</heatedabove2> <heatedabove3>{$_POST['Heated_Above3']}</heatedabove3> <heatedabove4>{$_POST['Heated_Above4']}</heatedabove4> <heatedabove5>{$_POST['Heated_Above4']}</heatedabove5> <heatedabove6>{$_POST['Heated_Above6']}</heatedabove6> <heatedabove7>{$_POST['Heated_Above7']}</heatedabove7> <heatedabove8>{$_POST['Heated_Above8']}</heatedabove8> <heatedabove9>{$_POST['Heated_Above9']}</heatedabove9> <heatedabove10>{$_POST['Heated_Above10']}</heatedabove10> </HeatedAbove> <HeatedBelow> <heatedbelow1>{$_POST['Heated_Below']}</heatedbelow1> <heatedbelow2>{$_POST['Heated_Below2']}</heatedbelow2> <heatedbelow3>{$_POST['Heated_Below3']}</heatedbelow3> <heatedbelow4>{$_POST['Heated_Below4']}</heatedbelow4> <heatedbelow5>{$_POST['Heated_Below5']}</heatedbelow5> <heatedbelow6>{$_POST['Heated_Below6']}</heatedbelow6> <heatedbelow7>{$_POST['Heated_Below7']}</heatedbelow7> <heatedbelow8>{$_POST['Heated_Below8']}</heatedbelow8> <heatedbelow9>{$_POST['Heated_Below9']}</heatedbelow9> <heatedbelow10>{$_POST['Heated_Below10']}</heatedbelow10> </HeatedBelow> <QuoteBaseboard> <QuoteBaseboard1>{$_POST['Quote_Baseboard']}</QuoteBaseboard1> <QuoteBaseboard2>{$_POST['Quote_Baseboard2']}</QuoteBaseboard2> <QuoteBaseboard3>{$_POST['Quote_Baseboard3']}</QuoteBaseboard3> <QuoteBaseboard4>{$_POST['Quote_Baseboard4']}</QuoteBaseboard4> <QuoteBaseboard5>{$_POST['Quote_Baseboard5']}</QuoteBaseboard5> <QuoteBaseboard6>{$_POST['Quote_Baseboard6']}</QuoteBaseboard6> <QuoteBaseboard7>{$_POST['Quote_Baseboard7']}</QuoteBaseboard7> <QuoteBaseboard8>{$_POST['Quote_Baseboard8']}</QuoteBaseboard8> <QuoteBaseboard9>{$_POST['Quote_Baseboard9']}</QuoteBaseboard9> <QuoteBaseboard10>{$_POST['Quote_Baseboard10']}</QuoteBaseboard10> </QuoteBaseboard> <Glycol> <Glycol1>{$_POST['Glycol']}</Glycol1> <Glycol2>{$_POST['Glycol2']}</Glycol2> <Glycol3>{$_POST['Glycol3']}</Glycol3> <Glycol4>{$_POST['Glycol4']}</Glycol4> <Glycol5>{$_POST['Glycol5']}</Glycol5> <Glycol6>{$_POST['Glycol6']}</Glycol6> <Glycol7>{$_POST['Glycol7']}</Glycol7> <Glycol8>{$_POST['Glycol8']}</Glycol8> <Glycol9>{$_POST['Glycol9']}</Glycol9> <Glycol10>{$_POST['Glycol10']}</Glycol10> </Glycol> <DomesticHotWater>{$_POST['Domestic_Hot_Water']}</DomesticHotWater> <NumberOfShowers>{$_POST['Showers']}</NumberOfShowers> <SimultaneousShowers>{$_POST['Simultaneous_Showers']}</SimultaneousShowers> <NumberOfSinks>{$_POST['Sinks']}</NumberOfSinks> <Vanities>{$_POST['Vanities']}</Vanities> <Toilets>{$_POST['Toilets']}</Toilets> <Washers>{$_POST['Washers']}</Washers> <Spigots>{$_POST['Spigots']}</Spigots> "; $stringData = htmlspecialchars($stringData); fwrite($fh, $stringData); $stringData = "</project>\n"; fwrite($fh, $stringData); fclose($fh); ?> Quote Link to comment https://forums.phpfreaks.com/topic/298642-help-with-php-htmlspecialchars-function-on-post-data/ Share on other sites More sharing options...
hansford Posted October 16, 2015 Share Posted October 16, 2015 You need to set up a a local testing ground for such things. Use Wamp, Xampp or another full stack application. Get it working locally and then upload to your server. Quote Link to comment https://forums.phpfreaks.com/topic/298642-help-with-php-htmlspecialchars-function-on-post-data/#findComment-1523460 Share on other sites More sharing options...
jvanasco Posted October 16, 2015 Author Share Posted October 16, 2015 I have a development server already for all my other projects, what I meant was I wanted help with the code before I uploaded to my dev server because I am sure that I am doing something wrong. Quote Link to comment https://forums.phpfreaks.com/topic/298642-help-with-php-htmlspecialchars-function-on-post-data/#findComment-1523461 Share on other sites More sharing options...
jvanasco Posted October 16, 2015 Author Share Posted October 16, 2015 okay it looks like my code mostly works but as you can see now it is messing up all my xml tags, Can I somehow limit it to just the post data? <?xml version='1.0' encoding='windows-1250'?> <project> <RequestNumber>5524445</RequestNumber> <company>purelygeek</company> <firstname>Jonathan</firstname> <lastname>Vanasco</lastname> <phone>6318915023</phone> Quote Link to comment https://forums.phpfreaks.com/topic/298642-help-with-php-htmlspecialchars-function-on-post-data/#findComment-1523465 Share on other sites More sharing options...
Ch0cu3r Posted October 16, 2015 Share Posted October 16, 2015 That is because you are applying htmlspecialchars to $stringData $stringData = htmlspecialchars($stringData); Its the foreach loop at the top of your code that is applying htmlspecialchars to your POST data only Quote Link to comment https://forums.phpfreaks.com/topic/298642-help-with-php-htmlspecialchars-function-on-post-data/#findComment-1523467 Share on other sites More sharing options...
jvanasco Posted October 16, 2015 Author Share Posted October 16, 2015 That worked thank you! Quote Link to comment https://forums.phpfreaks.com/topic/298642-help-with-php-htmlspecialchars-function-on-post-data/#findComment-1523468 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.