Jump to content

htmlspecialchars or htmlentities


son
 Share

Recommended Posts

Seems I come across a lot of questions today...Having almost finalised a little admin area for a web page that can be updated by a friend who is not web-savy and I have to assume the worst (he probably copies and pastes a lot from Word etc) what should I use best to make text safe to be displayed on website: htmlspecialchars or htmlentities? I have encoded all to UTF-8 and circumnavigated lots of inital problems due to special character display etc. However, I would also like to have the page been validated ok. I would lean towards htmlspecialchars, really only want to do what I really have to to make it all 100% standards-compliant as such (at present I am only aware that & should be displayed as &)... Have you got any thoughts on this?Son

Link to comment
Share on other sites

htmlspecialchars and htmlentities are pretty much identical. The only difference with htmlentities is:

This function is identical to htmlspecialchars() in all ways, except with htmlentities(), all characters which have HTML character entity equivalents are translated into these entities.
http://us.php.net/manual/en/function.htmlentities.phpI've gotten into the habit of using htmlentities with the ENT_QUOTES constant. That way I can guarantee that I don't miss anything. :)
Link to comment
Share on other sites

htmlspecialchars and htmlentities are pretty much identical. The only difference with htmlentities is:http://us.php.net/manual/en/function.htmlentities.phpI've gotten into the habit of using htmlentities with the ENT_QUOTES constant. That way I can guarantee that I don't miss anything. :)
Thanks for your input. That is great. Do you know what difference it makes to encode in UTF-8? I always thought that doing this would prevent me from using functions like this, but I found a problem with a '&' character and this is all that got me thinking (before I had issues with French and Germany special characters, but this is all resolved since I only use UTF-8)...Son
Link to comment
Share on other sites

I don't know much about character encoding, but I'm pretty sure that characters like & always need to be encoded into their respective html entities, regardless of the character set used.

Link to comment
Share on other sites

I don't know much about character encoding, but I'm pretty sure that characters like & always need to be encoded into their respective html entities, regardless of the character set used.
yes, that is what I have been told on this forum before; I know & for certain. Do you know of other characters?Son
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...