PHP htmlspecialchars Function

SQL     Data Warehousing     CSS     PHP     HTML     Database Normalization


PHP Tutorial > String Functions > htmlspecialchars Function

The htmlspecialchars function in PHP is used to convert 5 characters into corresponding HTML entities where applicable. It is used to encode user input on a website so that users cannot insert harmful HTML codes into a site.

The syntax of the htmlspecialchars function is:

explode ('string', [quote_style], [character_set], [double_encode])

[quote_style] is used to determine whether to convert double quotes and single quotes. Possible values include:

ValueConvert Single QuotesConvert Double Quotes
ENT_COMPATNoYes
ENT_QUOTESYesYes
ENT_NOQUOTESNoNo

ENT_COMPAT is the default if quote_style is not specified.

[character_set] is optional and specifies the character set to use. [double_encode] is optional and indicates whether to encode the character for the second time if the character is already encoded. The default is to double encode.

The 5 characters are:

CharacterHTML EntityNotes
&&  
""Depending on how [quote_style] is set
'&#039Depending on how [quote_style] is set
>>  
<&lt;  

Let's take a look at the examples below:

Example 1

print htmlspecialchars('<br>An example');

Result:

&lt;br&gt;An example

Example 2

print htmlspecialchars('Is "this" true? 3 > 2', ENT_NOQUOTES);

Result:

Is "this" true? 3 &gt; 2

The double quote (") character is preserved because the ENT_NOQUOTES value is set.

Next: PHP implode Function



Copyright © 2014   1keydata.com  All Rights Reserved.  Privacy Policy   About   Contact