php htmlspecialchars() function
Translation results:
英[ˈspeʃl] 美[ˈspɛʃəl]
adj.Special; special; dedicated; important
n.Special car; special offer; special issue; special edition
Plural: specials Comparative: more special Superlative: most special
php htmlspecialchars() functionsyntax
Function: The function converts predefined characters into HTML entities. The predefined characters are: & (ampere) becomes &, " (double quote) becomes ", ' (single quote) becomes ', < (less than) becomes <, > (greater than) becomes >.
Syntax: htmlspecialchars(string,flags,character-set,double_encode)
Parameters:
| Parameter | Description |
| string | Required, specifies the string to be converted. |
| flags | Optional. Specifies how to handle quotes, invalid encodings, and which document type to use. Available quote types: ENT_COMPAT - Default. Only double quotes are encoded. ENT_QUOTES - Encodes double and single quotes. ENT_NOQUOTES - Do not encode any quotes. Invalid encoding: ENT_IGNORE - Ignore invalid encodings instead of having the function return an empty string. This should be avoided as this may have an impact on security. ENT_SUBSTITUTE - Substitutes an invalid encoding with the specified character with the Unicode substitution character U FFFD (UTF-8) or &#FFFD; instead of returning an empty string. ENT_DISALLOWED - Replaces invalid code points in the specified document type with the Unicode replacement character U FFFD (UTF-8) or &#FFFD;. Additional flags specifying the document type to use: ENT_HTML401 - Default. Code processed as HTML 4.01. ENT_HTML5 - Process code as HTML 5. ENT_XML1 - Code processed as XML 1. ENT_XHTML - as XHTML processing code. |
| character-set | Optional. A string specifying the character set to be used. Allowed values: UTF-8 - Default. ASCII compatible multi-byte 8-bit Unicode ISO-8859-1 - Western Europe ISO-8859-15 - Western Europe (adds French and Finnish letters missing from ISO-8859-1 for Euro symbol) cp866 - DOS-specific Cyrillic character set cp1251 - Windows Special Cyrillic character set cp1252 - Windows special Western European character set KOI8-R - Russian BIG5 - Traditional Chinese, mainly used in Taiwan, GB2312 - Simplified Chinese, national standard character set, BIG5-HKSCS - Big5 with Hong Kong extension, Shift_JIS - Japanese, EUC-JP - Japanese, MacRoman - the character set used by the Mac operating system. In versions prior to PHP 5.4, unrecognized character sets will be ignored and replaced by ISO-8859-1. As of PHP 5.4, unrecognized character sets are ignored and replaced by UTF-8. |
| double_encode | Optional, Boolean value, specifies whether to encode existing HTML entities. TRUE - Default. Each entity will be converted. FALSE - Existing HTML entities will not be encoded. |
Description: Returns the converted string. If string contains an invalid encoding, an empty string is returned unless ENT_IGNORE is set or ENT_SUBSTITUTE flag.
php htmlspecialchars() functionexample
<?php
$i = "<script>alert('hello world')</script>";
$j = htmlspecialchars($i);
echo $j;
?>Run instance»
Click the "Run instance" button to view the online instance
Output:
<script>alert('hello world')</script><?php
$new = htmlspecialchars("<a href='test'>Test</a>", ENT_QUOTES);
echo $new; // <a href='test'>Test</a>
?>Run Instance»
Click the "Run Instance" button to view the online instance
Output:
<a href='test'>Test</a>