son Posted May 4, 2011 Share Posted May 4, 2011 Seems I come across a lot of questions today...Having almost finalised a little admin area for a web page that can be updated by a friend who is not web-savy and I have to assume the worst (he probably copies and pastes a lot from Word etc) what should I use best to make text safe to be displayed on website: htmlspecialchars or htmlentities? I have encoded all to UTF-8 and circumnavigated lots of inital problems due to special character display etc. However, I would also like to have the page been validated ok. I would lean towards htmlspecialchars, really only want to do what I really have to to make it all 100% standards-compliant as such (at present I am only aware that & should be displayed as &)... Have you got any thoughts on this?Son Link to comment Share on other sites More sharing options...
ShadowMage Posted May 4, 2011 Share Posted May 4, 2011 htmlspecialchars and htmlentities are pretty much identical. The only difference with htmlentities is: This function is identical to htmlspecialchars() in all ways, except with htmlentities(), all characters which have HTML character entity equivalents are translated into these entities. http://us.php.net/manual/en/function.htmlentities.phpI've gotten into the habit of using htmlentities with the ENT_QUOTES constant. That way I can guarantee that I don't miss anything. Link to comment Share on other sites More sharing options...
son Posted May 4, 2011 Author Share Posted May 4, 2011 htmlspecialchars and htmlentities are pretty much identical. The only difference with htmlentities is:http://us.php.net/manual/en/function.htmlentities.phpI've gotten into the habit of using htmlentities with the ENT_QUOTES constant. That way I can guarantee that I don't miss anything. Thanks for your input. That is great. Do you know what difference it makes to encode in UTF-8? I always thought that doing this would prevent me from using functions like this, but I found a problem with a '&' character and this is all that got me thinking (before I had issues with French and Germany special characters, but this is all resolved since I only use UTF-8)...Son Link to comment Share on other sites More sharing options...
ShadowMage Posted May 5, 2011 Share Posted May 5, 2011 I don't know much about character encoding, but I'm pretty sure that characters like & always need to be encoded into their respective html entities, regardless of the character set used. Link to comment Share on other sites More sharing options...
son Posted May 5, 2011 Author Share Posted May 5, 2011 I don't know much about character encoding, but I'm pretty sure that characters like & always need to be encoded into their respective html entities, regardless of the character set used.yes, that is what I have been told on this forum before; I know & for certain. Do you know of other characters?Son Link to comment Share on other sites More sharing options...
thescientist Posted May 5, 2011 Share Posted May 5, 2011 = Link to comment Share on other sites More sharing options...
Synook Posted May 7, 2011 Share Posted May 7, 2011 There's a list on the htmlspecialchars() manual page . Link to comment Share on other sites More sharing options...
son Posted May 9, 2011 Author Share Posted May 9, 2011 There's a list on the htmlspecialchars() manual page .Guess I really sunk the boat now|-) Obviously....cheers,Son Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.