$str='<a href="http://www.reconn.us">Reconn.us</a>'
$escaped_html=htmlentities($str);
The result will be like this:
<a href="http://www.reconn.us">Reconn.us</a>
The text is converted so every element that has a corespondent in HTML will be converted to that. For example, '&' (ampersand) becomes '&'.
If you also want to convert quotes, you may want to make use of the second parameter of this function, quote_style :
$str='<a href="http://www.reconn.us">Reconn.us</a>'
$escaped_html=htmlentities($str,ENT_QUOTES);
This will result in this string:
<a href="http://www.reconn.us">Reconn.us</a>
The options for quote_style parameter are:
- ENT_COMPAT - Will convert double-quotes and leave single-quotes alone.
-ENT_QUOTES - Will convert both double and single quotes.
- ENT_NOQUOTES - Will leave both double and single quotes unconverted. (This is the default)
The third parameter for this function is charset and the default is ISO-8859-1.
To see how this function works, try our Online Escape HTML Tool !
Is very much like htmlentities() function. Unlike this function, it does not convert all applicable characters to HTML entities, but only some of them:
- '&' (ampersand) becomes '&'
- '"' (double quote) becomes '"' when ENT_NOQUOTES is not set.
- ''' (single quote) becomes ''' only when ENT_QUOTES is set.
- '<' (less than) becomes '<'
- '>' (greater than) becomes '>'
Otherwise, functions parameters are the same: string htmlspecialchars ( string $string [, int $quote_style [, string $charset]] );
To see the difference between these two functions I will show you an example:
The simple text:
<b>Confirmar contraseña</b>
for htmlentities() function will output:
<b>Confirmar contraseña</b>
and for htmlspecialchars() function will output:
<b>Confirmar contraseña</b>
See the difference? For the first function, the special Spanish character ñ is translated also, while for the second is left unchanged.
discuss this topic to forum
