The aim of this data type is to provide the possibility of recording XML files or strings.
In order to be able to create an XML file or string from a GeneXus object you must define an XMLWriter data type variable and then invoke the methods needed to create the nodes that compose it.
The following procedure generates a file called MEETING.xml that contains the data for a meeting, indicating the people who participated in it and their corresponding tasks.
For Each
&XMLWriter.Open('MEETING.xml')
&XMLWriter.WriteStartDocument()
&XMLWriter.WriteStartElement('MEETING')
&XMLWriter.WriteAttribute('Date', DToC(ReuFch))
&XMLWriter.WriteElement('DATE', DToC(ReuFch))
&XMLWriter.WriteComment('Meeting Description')
&XMLWriter.WriteCData(ReuDsc)
&XMLWriter.WriteStartElement('MEMBERS')
For Each
&XMLWriter.WriteElement('MEMBER',ReuPerNom)
Endfor
&XMLWriter.WriteEndElement()
&XMLWriter.WriteStartElement('TASKS')
For Each
&XMLWriter.WriteStartElement('TASK')
&XMLWriter.WriteElement('PERSON_IN_CHARGE',ReuTarPerNom)
&XMLWriter.WriteCData(ReuTarDsc)
&XMLWriter.WriteEndElement()
EndFor
&XMLWriter.WriteEndElement()
&XMLWriter.WriteEndElement()
&XMLWriter.Close()
Endfor
The MEETING.xml file contains:
<?xml version="1.0" encoding="ISO-8859-1" ?>
<MEETING Date="06/03/01">
<DATE>06/03/01</DATE>
<!—Meeting’s description-->
<! [ CDATA [ Application development team’s meeting.
The meting took place on Friday at 9:30. ] ] >
<MEMBERS>
<MEMBER>Peter</MEMBER>
<MEMBER>Laura</MEMBER>
<MEMBER>John</MEMBER>
<MEMBER>Diana</MEMBER>
</MEMBERS>
<TASKS>
<TASK>
<PERSON_IN_CHARGE>Peter</PERSON_IN_CHARGE>
<! [ CDATA [ Write the application’s documentation ] ] >
</TASK>
<TASK>
<PERSON_IN_CHARGE>Diana</PERSON_IN_CHARGE>
<! [ CDATA [ Meet with clients ] ] >
</TASK>
<TASK>
<PERSON_IN_CHARGE>Laura</PERSON_IN_CHARGE>
<! [ CDATA [ Write user’s manual ] ] >
</TASK>
<TASK>
<PERSON_IN_CHARGE>John</PERSON_IN_CHARGE>
<! [ CDATA [ Document the specifications ] ] >
</TASK>
</TASKS>
</MEETING>
When a property or method is used to assign a file's path (or URL) do not use user's inputs concatenations or sanitize the user's entries to avoid path traversal or path manipulation vulnerability risks.