Daily Technology News, Tips, and Reviews | Subscribe to Jason Slater Technology BlogTechnology Feed | Join Jason Slater on TwitterTwitter | Thursday 2nd September 2010

PHP: Encoding HTML Special Characters

By Jason Slater

When working with untrusted information, it is always worth running it through the htmlspecialchars function.
This function converts characters that have special meaning in HTML into their entity equivalents, e.g. ‘<’ becomes &lt;

$myString = htmlspecialchars($_GET['fieldname'], ENT_QUOTES);
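
An added example (not part of the original post) showing what the ENT_QUOTES flag in the line above changes: with ENT_COMPAT, the default before PHP 8.1, single quotes pass through unencoded, so a value written into a single-quoted attribute can end that attribute early. The helper name e() and the sample values are constructed for illustration.

```php
<?php
// Constructed samples standing in for $_GET['fieldname'].
$text = "Tom & Jerry's <b>\"show\"</b>";
$attr = "x' data-injected='1";   // contains a single quote

// Hypothetical helper: encode a value for HTML text or a quoted attribute.
function e(string $value): string
{
    // ENT_QUOTES encodes both " and '. ENT_SUBSTITUTE replaces invalid
    // byte sequences instead of making the function return an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Same input, two flag settings. Only ENT_QUOTES touches the apostrophe.
$compat = htmlspecialchars($text, ENT_COMPAT, 'UTF-8');
$quotes = e($text);

echo "ENT_COMPAT: ", $compat, "\n";
echo "ENT_QUOTES: ", $quotes, "\n";

// Element context: either setting neutralises < > & so the <b> tag
// is displayed as text rather than interpreted as markup.
echo "<p>", $quotes, "</p>\n";

// Attribute context, single-quoted. With ENT_COMPAT the apostrophe in
// $attr survives and closes value='...' early, leaving the rest of the
// string to be parsed as a new attribute.
echo "<input name='q' value='",
     htmlspecialchars($attr, ENT_COMPAT, 'UTF-8'), "'>\n";

// With ENT_QUOTES the apostrophe is emitted as a character reference,
// so the whole string stays inside the attribute value.
echo "<input name='q' value='", e($attr), "'>\n";

// Encode once, at output time. Encoding an already-encoded string
// turns & into &amp; again and shows entity text to the user.
$twice = e(e($text));
echo "Encoded twice: ", $twice, "\n";

// Report which characters each setting left unencoded.
foreach (['ENT_COMPAT' => $compat, 'ENT_QUOTES' => $quotes] as $name => $out) {
    $left = array_filter(['<', '>', '"', "'"],
        fn (string $c): bool => strpos($out, $c) !== false);
    echo $name, " leaves raw: ", $left ? implode(' ', $left) : '(none)', "\n";
}
```

htmlspecialchars covers HTML text and quoted attribute values only; values placed inside script blocks, URLs or unquoted attributes need encoding appropriate to that context.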
