Geek Answers Handbook

Ampersand's XML problem when creating a URL string

I am working with an XML feed that, as one of its nodes, has a URL string similar to the following:

http://aflite.co.uk/track/?aid=13414&mid=32532&dl=http://www.google.com/&aref=chris

I understand that ampersands cause a lot of problems in XML and must be escaped with & instead of naked & . So I changed php as follows:

 <node><?php echo ('http://aflite.co.uk/track/?aid=13414&amp;mid=32532&amp;dl=http://www.google.com/&amp;aref=chris'); ?></node>

However, when it generates an XML feed, the line appears with full &amp; and therefore the actual url is not working. Sorry if this is a very basic misunderstanding, but some recommendations will be excellent.

I also tried using %26 instead of &amp; but still getting the same problem.

+4
source share
2 answers

If you embed something in XML / HTML, you should always use the htmlspecialchars function. this will save your lines from the correct XML syntax.

but you are facing a second problem. you added the second url to the first. this need also escaped into the url syntax. for this you need to use urlencode .

 <node><?php echo htmlspecialchars('http://aflite.co.uk/track/?aid=13414&mid=32532&aref=chris&dl='.urlencode('http://www.google.com/')); ?></node>
+6
source

&amp; is correct for escaping ampersands in an XML document. The example you provided should work.

You state that it does not work, but you did not indicate which application you are using or how it does not work. What exactly happens when you click a link? Strings &amp; get into the browser url field? In this case, it sounds like a bug with the software with which you are viewing XML. Have you tried looking at XML in another application to make sure the problem is incompatible?

To answer the final part of your question: %26 definitely not work for you - this will be what you will use if your URL parameters should contain ampersands. Say, for example, in aref=chris , if the name chris was in an ampersand (for example, the username was chris&bob ), then this ampersand must be escaped with %26 so that the URL parser does not see this as the beginning of a new URL parameter.

Hope this helps.

+4
source

More articles:


All Articles