php contact form subject encoding

Question

I have a contact form and I would like to add the name of the sender when I receive a message from the form.

The variable name is filtered like this:

$newname = htmlspecialchars($name, ENT_QUOTES);

then

mail($to, 'from: ' . $name, $body, $headers);

but my subject show &amp, &lt... instead of & or apostrophes I did try this from other questions:

mail($to, 'from: ' . "=?UTF-8?B?" . base64_encode($name) . "?=", $body, $headers);

but no luck ...

If I remove the htmlspecialchars() of course it works, but I would like to keep it for protection

EDIT

This is not a duplicate. Thanks, it's good to know that subject doesn't need to be escaped, but this is not a duplicate because I would like to know how can escape it and still correctly display in the subject (with no ' or &amp;). The

=?iso-8859-1?q?this=20is=20some=20text?=

solution proposed in that answer, makes things even worst in my case, with more weird characters... So, my question still is, why

"=?UTF-8?B?" . base64_encode($name) . "?=",

is not working in my case? Thanks!

Possible duplicate of [Do email subjects need to be html escaped?](http://stackoverflow.com/questions/11002510/do-email-subjects-need-to-be-html-escaped) — Dov Benyomin Sohacheski, May 08 '16 at 09:13
Thanks Dev, good to know, but my question is: why "=?UTF-8?B?" . base64_encode($name) . "?=" doesn't work in my case? What am I doing wrong? Thanks! — codeispoetry, May 08 '16 at 13:28
What you are doing wrong is a useless `htmlspecialchars`. That is the one escaping your quotes, just don't do it because it is not needed. — β.εηοιτ.βε, May 08 '16 at 22:50

php contact form subject encoding

0 Answers0