Questions tagged [htmlspecialchars]

htmlspecialchars is a PHP function that converts special characters to HTML entities.

Famous question: htmlentities() vs. htmlspecialchars()

467 questions
0
votes
1 answer

How to implement htmlpurifier

I'm trying to implement HTMLPURIFIER, but after echoing out the HTML I'd like to purify, I still get my picture as part of the content that's displayed, meanwhile it's meant to display a picture. What am I doing wrong? …
user652792
0
votes
1 answer

Concatenate string with space mysql php

$menunaam = "Lazy Dog" $resultmenus = mysqli_query($dbc,"SELECT menunaam FROM prijslijst WHERE menunaam='$menunaam'"); $row = mysqli_fetch_array($resultmenus,MYSQLI_ASSOC); echo "
Seltjoek
  • 168
  • 3
  • 14
0
votes
2 answers

Remove special HTML characters from labels or textfields in flex (mxml)

I'm loading data with an RSS feed into a Flex application. Some of the data has html special characters. It can't read é,è,à,ç and other similar letters that are used in French for example. It gives a strange code instead of the letters with…
0
votes
1 answer

Should I be using nl2br(htmlspecialchars($text)) for everything I echo/print to screen?

Title kinda says it all. Should I be using nl2br(htmlspecialchars($text)) for everything I echo/print to screen? I've been looking around, and it seems like the word is that when handling input from the user, sanitize it by escaping it and…
carlinyuen
  • 279
  • 1
  • 4
  • 17
0
votes
3 answers

Avoiding the use of htmlspecialchars() on dynamic contents, while avoiding XSS attacks

I need your help with a really simple issue. Article Contents of some pages on my website are stored in MySQL database, and I've applied htmlspecialchars() to it when outputting to the browser, but actually there are legitimate
user652792
0
votes
6 answers

User Input filtering in PHP

I am currently working on an application that requires users to submit posts and comments which are displayed on the site. As we all know that user input can't be trusted, I used htmlspecialchars($string,ENT_QUOTES) to process user's posts and…
War Coder
  • 454
  • 1
  • 7
  • 24
0
votes
1 answer

Does sometime fputs() or fwrite() encode html special characters?

I am outputting a string that consists of html content to a html file, but in the html file the html special characters are encoded (for example " in \" ). I've even used htmlspecialcharacters_decode before using the write functions. The weird…
andreihondrari
  • 5,743
  • 5
  • 30
  • 59
0
votes
1 answer

Outputting user input - preventing for xss

I have an admin section within my site where items can be stored. Once they are stored, they are displayed on the front end. Part of my display involves code like the following: echo "

".$rose['description']."

"; Does this need to have…
user1278496
  • 1,056
  • 6
  • 17
  • 34
0
votes
2 answers

Convert '%23' to '#' in PHP

URL: example.com/search:#searchWord Since the # is not sent to the server, it is changed to %23. In the search page I want to display Results for: #searchWord But what I get is %23searchWord. I tried htmlspecialchars(), but nothing happens.
Ben
  • 1,906
  • 10
  • 31
  • 47
-1
votes
3 answers

Html special characters in email

I had written a script to read email from a mailbox. In some emails I am getting some data being converted into weird characters that are breaking my further processing. Those characters look something like this…
Anand
  • 1,670
  • 1
  • 15
  • 23
-1
votes
1 answer

Echo clean text in PHP with htmlspecialchars()

I have a user form where I give the user the possibility to enter a text in a textarea and to change the text later. Here is my example for the HTML textarea: