Hello all, I'm working on a comment script to produce a string of XML to be used for one of my ajax applications. However, I cannot figure out how to produce the xml. Assume that the passing of the parent_id variable is working for now.

Here's the code I'm using to export the XML.

<?php
    
	$parent_id = $_GET['parent_id'];
	
	$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
	$comment_query = "SELECT * FROM comments WHERE parent_id = '$parent_id' ORDER BY post_time ASC";
	$comment_data = mysqli_query($dbc, $comment_query);
	$comment_rows = mysqli_fetch_array($comment_data);
	
	
	xmlOutput = '<?xml version="1.0"?>';
	xmlOutput .= '<comments>';
	
	while($comment_rows){
		xmlOutput .= '<comment>';
		xmlOutput .= '<comment_id>'. $comment_rows['comment_id'] .'</comment_id>';
		xmlOutput .= '<poster_id>'. $comment_rows['poster_id'] . '</poster_id>';
		
		//Get username
		$username_query = "SELECT username FROM wwit_user WHERE user_id = '$comment_rows['poster_id']'";
		$username_data = mysqli_query($dbc, $username_query);
		$username_rows = mysqli_fetch_array($username_data);
		
		xmlOutput .= '<poster_name>'. $username_rows['username'] .'</poster_name>';
		xmlOutput .= '<comment_text>'. $comment_rows['comment_text'] .'</comment_text>';
		xmlOutput .= '<comment_time>'. $comment_rows['post_time'] .'</comment_time>';
		xmlOutput .= '</comment>';
	}
	xmlOutput .= '</comments>';
	header('Content-Type: application/xml;');
	echo xmlOutput;
?>

Thanks!

try:

<?php
	$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME) or die("Unable to connect to the db server");

	$parent_id = mysqli_real_escape_string($dbc, $_GET['parent_id']);

	$comment_query = "SELECT comment_id,poster_id,comment_text,post_time FROM comments WHERE parent_id = '$parent_id' ORDER BY post_time ASC";
	$comment_data = mysqli_query($dbc, $comment_query);
	
	$xmlOutput = '<?xml version="1.0"?>';
	$xmlOutput .= '<comments>';
	
	while( $comment_rows = mysqli_fetch_assoc($comment_data) ){
		//Get username
		$username_query = sprintf("SELECT username FROM wwit_user WHERE user_id = '%s' LIMIT 0, 1", mysqli_real_escape_string($dbc, $comment_rows['poster_id']);
		$username_data = mysqli_query($dbc, $username_query);
		$username_rows = mysqli_fetch_assoc($username_data);

		$xmlOutput .= '<comment>';
			$xmlOutput .= '<comment_id>'. htmlentities($comment_rows['comment_id'],ENT_QUOTES) .'</comment_id>';
			$xmlOutput .= '<poster_id>'. htmlentities($comment_rows['poster_id'],ENT_QUOTES) . '</poster_id>';
			$xmlOutput .= '<poster_name>'. htmlentities($username_rows['username'],ENT_QUOTES) .'</poster_name>';
			$xmlOutput .= '<comment_text>'. htmlentities($comment_rows['comment_text'],ENT_QUOTES) .'</comment_text>';
			$xmlOutput .= '<comment_time>'. htmlentities($comment_rows['post_time'],ENT_QUOTES) .'</comment_time>';
		$xmlOutput .= '</comment>';
		mysqli_free_result($username_data);
	}
	mysqli_free_result($comment_data);
	$xmlOutput .= '</comments>';
	header('Content-Type: application/xml;');
	echo $xmlOutput;
exit;
?>
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.