Simon wrote:
> Hi,
>
> I want to save XML code into my database using php.
>
> is using:
>
> $xml = htmlentities($str, ENT_QUOTES);
>
> and saving the converted code a fairly safe way of saving the xml? I
> don't think I could have any problem with injection that way but I
> could be wrong.
> Any idea?
>
> Simon

That example should be safe, and you can just convert your later output
using html_entity_decode() (php 4.3+)