I've created an RSS PHP Script which pulls information directly from a database so that I can pull and display the information on a WordPress website. The issue I am having is the XML is showing some errors
error on line xxx at column xxx: xmlParseEntityRef: no name
I've tried using sanitisation, and preg/str replace but no luck. PHP 7.3.8 running Linux and MySQL 5 and Apache 2.
<?php
// Create connection
$con = mysqli_connect("ip", "username", "password");
// Check connection
if (mysqli_connect_errno($con)) {
echo "Database connection failed!: " . mysqli_connect_error();
}
$sql = "SELECT * FROM database.table ORDER BY id DESC LIMIT 25";
$query = mysqli_query($con,$sql);
header("Content-type: text/xml");
echo "<?xml version='1.0' encoding='UTF-8'?>
<rss version='2.0'>
<channel>
<title>My Title</title>
<link>/</link>
<description>Description about the RSS Feed.</description>
<language>en-us</language>";
while($row = mysqli_fetch_array($query)) {
$rowid = $row['id'];
$id = $row['buyer_id'];
$title = $row['title'];
$message = preg_replace('/&(?!#?[a-z0-9]+;)/', '&', $row['message']);
$message = str_replace('\'', '"', $message);
$update = preg_replace('/&(?!#?[a-z0-9]+;)/', '&', $row['update']);
$update = str_replace('\'', '"', $update);
$url = $row['url'];
$created_at = $row['created_at'];
$updated_at = $row['updated_at'];
echo "<item>
<title>$title</title>
<link>$url</link>
<description>$message</description>
<update>$update</update>
<pubDate>$created_at</pubDate>
</item>";
}
echo "</channel>
</rss>";
?>
I get this error https://i.imgur.com/cnQ8pjb.png which seems to be referencing an & sign which should be getting replaced. https://i.imgur.com/PBsPjcn.png
Please can you assist?
