Questions tagged [htmlspecialchars]

htmlspecialchars is a PHP function that converts special characters to HTML entities.

Famous question: htmlentities() vs. htmlspecialchars()

467 questions
1 vote, 3 answers

What is the best way to use mysql_real_escape_string and htmlspecialchars while saving data in CakePHP?

I am using FCKEditor with CakePHP and when I save data sent from the editor I want to run the htmlspecialchars() and mysql_real_escape_string() functions on the data to clean it before I store it in my database. The problem is I am not really sure…
ryanulit
1 vote, 1 answer

dealing with htmlescape/htmlspecialchars

To prevent XSS, whenever you output back the user input (like you do in displaying what was entered wrong or when re-painting the form with the earlier submitted values), you do need to escape the HTML. That's a sure thing... so, doing something…
Average Joe
1 vote, 1 answer

Textarea file edit php

I have a PHP script for editing files, html, php, etc. It is working in its entirety except, when you enter into the textarea form field, for example:
&nbsp; or &amp;
the special characters are automatically converted to just a…
1 vote, 2 answers

Send special characters through AJAX ( "<" , ">" , "&" )

I send some text through jQuery's ajax request. This text contains some special characters like "<" , ">" , "&", which stand for <, >, and &. $.ajax({ type: "POST", url: "page.php", data: "content="+txt }); Unfortunately, the string is…
Oli
1 vote, 4 answers

Is a foreach loop on $_GET a good way to apply htmlspecialchars?

I'm wondering if there is a significant downside to using the following code: if(isset($_GET)){ foreach($_GET as $v){ $v = htmlspecialchars($v); } } I realize that it probably isn't necessary to use htmlspecialchars on each variable. Anyone…
bozdoz
1 vote, 1 answer

Htmlspecialchars not working to escape apostrophe

Edit for clarification: The form is on a different page (page1.php) and sends the information to this page (page2.php) via POST. It's just the basic html form. What I find is that it submits to the database fine UNLESS I use an apostrophe or type in…
1 vote, 1 answer

htmlspecialchars doesn't work with prepare(query)

I'm trying to make a query with PHP but my apostrophes are automatically converted to #039; by $repBdd and so the query doesn't work. However, when I do my echo, it is the ' that are displayed. Do you know how to fix this? $pseudo =…
1 vote, 1 answer

XSS output filtering in PHP by applying htmlspecialchars() on each string in the user data object beforehand

*note - this post is only about XSS attacks and not about SQL injections as we already use prepared statements Hi all, I plan to filter my output in regards to XSS attacks. So far, I have read that the "recommended" approach for websites in UTF-8…
1 vote, 1 answer

How to split TextArea Input at every line break PHP

I have some trouble splitting my TextArea Input at every linebreak: If I insert this text: "Hello: world" Then I have this string as my value Hello: world I tried something like $input = str_replace(" ", "", $input); OR $input =…
Rezureax
1 vote, 1 answer

Issue with Htmlspecialchars

I'm having trouble displaying correctly some information from my database. When I try to echo without using the function, characters like accents and stuff are replaced with black blocks and question marks. If I try to use htmlspecialchars, I…
Didimaox
1 vote, 2 answers

handling WYSIWYG data in PHP

I need to use a wysiwyg editor for handling user input. How do you process this in php? If I retrieve the data and use htmlspecialchars then all the characters that were converted to special characters by the wysiwyg editor will be messed up. For…
user813801
1 vote, 1 answer

How to convert special html characters in Perl?

In PHP it's as simple as htmlspecialchars, how to do it in Perl?
Je Rog
1 vote, 2 answers

Despite single quotes being encoded using htmlspecialchars, JavaScript is still complaining that these quotes need to be escaped in the function call

Something strange is occurring and I'm stumped. I have a link that looks basically like this: Link As you can see, I'm calling function uploadVariantPicture with parameter…
Tony Friz
1 vote, 1 answer

Echo string containing single and double quotes to input value

I'm extracting a string from XML and want to insert it as the value of an input text box. And I'm having problems with this string containing both single and double quotes: We will have a "New Year's Eve countdown" Here is the code I'm using to…
Tim B
1 vote, 1 answer

Use PHP htmlentities to convert special characters to their entity number rather than entity name

How do you force PHP "htmlentities" to convert a special character to the entity number rather than to the entity name? For example, convert É to &#201; rather than to &Eacute; I have searched with no answers.
SW_Cali