Questions tagged [htmlspecialchars]

htmlspecialchars is a PHP function that converts special characters to HTML entities.

Famous question: htmlentities() vs. htmlspecialchars()

467 questions
6
votes
1 answer

htmlspecialchars outputting blank

Using both htmlspecialchars and htmlentities is causing blank outputs from items such as a ™ symbol and even single ' quotes. Obviously, this is absolutely useless, however outputting the data without using html characters results in this symbol…
JimmyBanks
5
votes
1 answer

htmlspecialchars ampersand

__('Details & Documents') ?>

The above prints out as: Details & Documents What is the proper syntax so that it prints as: Details & Documents? Thanks
vulgarbulgar
5
votes
2 answers

Is there a way to send parameters into a callback function without creating my own function first?

I have an array of values that I would like to run through htmlspecialchars but with an argument such as this: $param = htmlspecialchars($param, ENT_QUOTES); The problem is, I have an array of values that I want to run htmlspecialchars on: $array =…
Francis Lewis
5
votes
2 answers

htmlspecialchar on HTML POST to PHP script with array and single inputs

I have an HTML form that uses POST to send data to a PHP script. Until now I have not used an array in an HTML form, but this form calls for some fields to be grouped (e.g., price and qty) while other fields remain single input fields (name, email,…
chillywilly
5
votes
3 answers

Do you only run htmlspecialchars() on output or is there other functionality you also do?

When outputting user input, do you only use htmlspecialchars() or are there other functions/actions/methods you also run? I'm looking for something that will also deal with XSS. I'm wondering if I should write a function that escapes user input on…
Darryl Hein
5
votes
3 answers

C++ tolower on special characters such as ü

I have trouble transforming a string to lowercase with the tolower() function in C++. With normal strings, it works as expected, however special characters are not converted successfully. How I use my function: string NotLowerCase = "Grüßen"; string…
TVA van Hesteren
5
votes
1 answer

do I even need `htmlspecialchars()` for textarea's value

I have staff.php page which contains staff's name, position and detail. When user would need to edit staff info, they would be sent to edit.php page. edit.php page shows name and title on text field and detail on a textarea. My question is, do I even need…
Coder
5
votes
4 answers

Coldfusion ReReplace "&" but not htmlspecialchars

I need to replace all & with & in a string like this: Übung 1: Ü & Ä or in html Übung 1: Ü & Ä Like you see htmlspecialchars in the string (but the & is not displayed as &), so I need to exclude them from my replace.…
Dollique
5
votes
2 answers

Which charset considering functions changed from PHP5.2 to PHP5.4

When having a file saved in ISO-8859-1 and using the command echo "test: ".htmlspecialchars("äöü"); The return will be only "test: ". This is because the standard charset for htmlspecialchars changed to UTF-8 in PHP5.4. You need to explicitly set…
R_User
4
votes
2 answers

Using htmlspecialchars function with PDO prepare and execute

Is converting special characters to HTML entities in form validation and database query using PHP PDO using htmlspecialchars() function really necessary? For example, I have a website with simple login system more or less like: $username = (string)…
GPraz
4
votes
1 answer

Sanitize input before storing into database

First of all, I have an HTML editor that accepts input from user. I want to store plain HTML tags in database and cater for quotes (SQL injection) that appear as well. For example, $input = "

I'm…

user2126081
4
votes
1 answer

Circumventing htmlspecialchars(addslashes(input)) for HTML/JavaScript injection

Assume some PHP code which echoes an input sanitized by first applying addslashes() and then htmlspecialchars() to an HTML document. I have heard that this is an unsafe approach, but cannot figure out why. Any suggestions as to what sort of…
4
votes
4 answers

How to Remove Html Tags in PHP?

I use htmlspecialchars function in my string. But, I don't want to clean them; , , , bla bla... Example: Mystring = " test aaaa "; I want to; =
s3yfullah
4
votes
1 answer

htmlspecialchars is dropping characters

I'm trying to use htmlspecialchars but it doesn't seem to be working. I'm using OSX 10.9.1 and PHP 5.4.17. I write: var_dump(htmlspecialchars("Test", ENT_QUOTES, 'UTF-8')); echo htmlspecialchars("Test",…
Michel Lecomte
4
votes
2 answers

Adding 'utf-8' parameter to occurrences of htmlspecialchars() - can it break anything?

Assuming my project is utf-8 throughout and has always been used with utf-8 encoding, is there anything legit that could possibly break if I change all occurrences of htmlspecialchars($var) to htmlspecialchars($var, ENT_QUOTES, 'utf-8')? I do know…
pinkgothic