Home > Article > Backend Development > Disadvantages of using htmlspecialchars to encode special characters in PHP
When using htmlspecialchars to encode special characters (&, ', ", <, >) in the parameters passed by the form (due to the need for security filtering when inserting into the database), the following problems will occur.
If the user uploads a file with special characters, such as ', the following problem will occur when the file name is saved to the database
If your server-side PHP code passes $_GET[' id'] indirectly to obtain its file name, and then transfer it to the client by name.
?
Then the following file name error will occur when downloading
Personal homepage: https://plus.google.com/+sherlockwang/posts
The above has introduced the disadvantages of using htmlspecialchars to encode special characters in PHP, including the relevant aspects. I hope it will be helpful to friends who are interested in PHP tutorials.