Issue with ampersand in website title

[Pisces]

Hi Cris,

I'm having an issue with the use of a ampersand in the website title.

Consider we've got this new client: Barnes & Noble!

// My little test script, pulled together from various sources in GetSimple

Code:

<?php
// data from form 'website settings'
$_POST['sitename'] = 'Barnes & Noble';

// @function cl (basic.php, line 202)
function cl($data) {
    $data = stripslashes(strip_tags(html_entity_decode($data, ENT_QUOTES)));
    return $data;
}

$SITENAME = cl($_POST['sitename']);

// create new site data file (settings.php, line 98)
$ufile = 'website.xml';
//createBak($ufile, $path, $bakpath);
$xmls = @new SimpleXMLElement('<item></item>');
$xmls->addChild('SITENAME', $SITENAME);
$xmls->asXML($ufile);
?>

// The result is a (suppressed) warning: function addChild() is nagging about the '&' in the data

Code:

Warning: SimpleXMLElement::addChild() [function.SimpleXMLElement-addChild]: unterminated entity reference Noble in C:\www\vhosts\localhost\prev15~.php on line 18

// The resulting file 'website.xml'

Code:

<?xml version="1.0"?>
<item><SITENAME>Barnes </SITENAME></item>

Mr. Nobel won't be very pleased with us! :/

Is there a special need for performing such rigorous cleaning of HTML entities? In my humble view, the use of htmlspecialchars() would be sufficient for this type of data.

Code:

// @function cl (basic.php, line 202)
function cl($data) {
    $data = stripslashes(strip_tags(htmlspecialchars($data)));
    return $data;
}

Aside from this little issue, I'm very, Very, VERY pleased with your nice and simple CMS!

- Leo