1

I am fairly new to XML, and have started using simplexml_load_file to import content of an XML-file. I have the following working code, but I know that it is potentially dangerous.

I need help with securing the code, content and URL, and also the opportunity to limit characters in $doc->content

                    <ul id="feed">
                    <?php
                    ob_start();
                    $xml = simplexml_load_file('wip4/xmlfeed.epl');
                    foreach ($xml->document as $doc)
                    {
                        if($num++ < 10) {
                            echo '<li class="jobb-entry"><h4><a href="'. $doc['url'] .'" title="' . $doc->title .'">'. $doc->title . '</a></h4>';
                            echo '<p>'. $doc->content . '</p>';
                            echo '<p class="apply-link clearfix"><a href="' . $doc['url'] .'" title=""><span>Apply</span></a></p></li>';
                        }
                    }
                    ob_end_flush();
                    ?>
                    </ul>

Also, if there is other methods of importing XML-documents, that are both faster and more secure, I appreciate any tips.

hakre
  • 193,403
  • 52
  • 435
  • 836
Martin-Al
  • 131
  • 1
  • 3
  • 1
    Related: [How can I use PHP's various XML libraries to get DOM-like functionality and avoid DoS vulnerabilities, like Billion Laughs or Quadratic Blowup?](http://stackoverflow.com/q/10212752/367456) – hakre Jun 24 '13 at 01:31

0 Answers0