PHP htmlspecialchars

王林
Lepaskan: 2024-08-29 12:57:15
asal
786 orang telah melayarinya

In PHP htmlspecialchars method is used for encoding of the string. By the use of htmlspecialchars method, we can encode our string by specifying certain parameters for it. htmlspecialchars method converts some special character of the string into HTML based entities, we have some of the pre-defined characters which got converted by this htmlspecialchars method in PHP> This is used where we want to apply some HTML code in between the string. htmlspecialchars methods take multiple inputs as the parameters we will discuss this in the coming section in more detail.

Start Your Free Software Development Course

Web development, programming languages, Software testing & others

Syntax

htmlspecialchars method takes multiple parameters as the input from the user, also these different parameters represent a different types of roles in converting the string to HTML based entity. For better understanding we will see its syntax see below;

htmlspecialchars(your_string,flags_if_any,character-set_if_any,double_encode_if_any)
Salin selepas log masuk
Salin selepas log masuk

So as you can see in the above syntax we are passing multiple parameters to this htmlspecialchars method in PHP all serve a different purpose. But the string is the mandatory parameter here which is required while calling this method. In the coming section, we will discuss more its parameter in detail. For instance, we can have a practice syntax for beginners for more clarity see below;

e.g.:

htmlspecialchars("my string hello <br>")
Salin selepas log masuk

How htmlspecialchars method work in PHP?

As of now we know that htmlspecialchars method is issued to encode the special characters present in a string, these special characters are already pre-defined in the HTML. we will discuss more this. HTML provides us with five types of pre-defined special characters which are described below.

Let’s discuss each of them in detail see below;

1) > or greater than In HTML this special character become > while encoding our string to HTML entities. So if you want to use this we need to use ‘>’ symbol for this. For better understanding see the example below;

e.g.:

<?php
$str = "Hello greater than symbol > .";
?>
Salin selepas log masuk

This will now encode ‘>’ into the > where ever it will appear.

2) < or smaller than In HTML this special character become < while encoding our string to HTML entities. So if you want to use this we need to use ‘<‘ symbol for this. For better understanding see the example below;

e.g.:

<?php
$str = "Hello lesser than symbol < .";
?>
<p>This will now encode ‘<&#8216; into the &lt; where ever it will appear.</p>
<p><strong>3) & or ampersand:</strong> In HTML this special character become &amp; while encoding our string to HTML entities. So if you want to use this we need to use &#8216;&&#8217; symbol for this. For better understanding see the example below;</p>
<p><strong>e.g.:</strong></p>
<pre class="brush:php;toolbar:false"><?php
$str = "Hello ampersand symbol & .";
?>
</p>
<p>This will now encode ‘&’ into the &amp; where ever it will appear.</p>
<p><strong>4) ‘ or single quote:</strong> In HTML this special character becomes’ while encoding our string to HTML entities. So if you want to use this we need to use ”’ symbol for this. For better understanding see the example below;</p>


<p><strong>e.g.:</strong></p>
<pre class="brush:php;toolbar:false"><?php
$str = "Hello single quote symbol ' .";
?>
Salin selepas log masuk

This will now encode ”’ into the ‘ where ever it will appear.

5) ” or double quote: In HTML this special character becomes " while encoding our string to HTML entities. So if you want to use this we need to use the'”‘ symbol for this. For better understanding see the example below;

e.g.:

<?php
$str = "Hello double quote symbol " .";
?>
Salin selepas log masuk

This will now encode ‘”‘ into the " where ever it will appear.

Now we will talk about the htmlspecialchars method signature that we have. This method takes four parameters. But the string parameter is mandatory once that we have to pass. Other is optional. We will discuss them in detail see below;

Signature

htmlspecialchars(your_string,flags_if_any,character-set_if_any,double_encode_if_any)
Salin selepas log masuk
Salin selepas log masuk

1. String: This is the string that we want to encode into HTML entities whenever the special character are defined on paper in the string.

2. double_encode: This parameter if specifying will decide we need to encode the string or not. It is a Boolean parameter that takes the value as true or false. By default its value is TRUE that means it will encode the string special characters.

3. character-set: This parameter is also optional, this parameter will decide which chatter set needs to be used here. We have several characters set available some of them are specified below;

  1. UTF-8
  2. EUC-JP
  3. many more

4. flags if any: This parameter is also optional in the method. This parameter will decide the quoting style for the string encoding. We have three quoting styles available see below;

  1. ENT_NOQUOTES: This flag specifies that no quotes will be encoded here. neither single nor double quotes.
  2. ENT_QUOTES: This flag will specify that both the quotes will be encoded into the string, single or double.
  3. ENT_COMPAT: This parameter will only encode the double quotes present into the string. This is the default encoding style for the htmlspecialchars method in PHP.

Some points to be remembered;

  • String param is mandatory.
  • This will encode the string where ever special character appears.
  • HTML has defied some predefined characters. This will prevent the HTML pages from harmful attacks as well.

Example of PHP htmlspecialchars

In this example we are trying to encode our string which contains some of the special characters. Attaching two screenshots one is the output and another one is an encoding string in PHP.

Code:

<!DOCTYPE html>
<html>
<body>
<h2 style="color:Green;">Demo for htmlspecialchars method</h2>
<?php
//here we are using htmlspecialchars method to encode our string and printing the result
echo htmlspecialchars('Demo for "htmlspecialchars" method in PHP ', ENT_NOQUOTES);
?>
</body>
</html>
Salin selepas log masuk

Output:

PHP htmlspecialchars

Encoded String output:

PHP htmlspecialchars

Conclusion

By the use of this, we can prevent our HTML page from harmful links. Because it will encode the string if there is any special character present inside it. We just need to use the htmlspecialchars method and pass the parameters according to our requirements.

Atas ialah kandungan terperinci PHP htmlspecialchars. Untuk maklumat lanjut, sila ikut artikel berkaitan lain di laman web China PHP!

Label berkaitan:
php
sumber:php
Kenyataan Laman Web ini
Kandungan artikel ini disumbangkan secara sukarela oleh netizen, dan hak cipta adalah milik pengarang asal. Laman web ini tidak memikul tanggungjawab undang-undang yang sepadan. Jika anda menemui sebarang kandungan yang disyaki plagiarisme atau pelanggaran, sila hubungi admin@php.cn
Tutorial Popular
Lagi>
Muat turun terkini
Lagi>
kesan web
Kod sumber laman web
Bahan laman web
Templat hujung hadapan