PHP htmlspecialchars() Function

PHP implode() Function
PHP lcfirst() Function

In this article, you will learn how to convert some special characters to HTML entities. The htmlspecialchars() function convert predefined characters to HTML elements. These predefined characters are given below.

  • & converts to &
  • ” converts to becomes "
  • ‘ converts to '
  • < converts to &lt;
  • > converts to &gt;

To convert these HTML elements back to the characters, you can use the htmlspecialchars_decoe() function.

what is the syntax of the htmlspecialchars() function in php?

htmlspecialchars(string,flags,character-set,double_encode)
ParameterDescription
stringThe string to convert to HTML entities.
flagsOptional. Specifies how to handle quotes, invalid encoding and the used document type.The available quote styles are:ENT_COMPAT – Default. Encodes only double quotesENT_QUOTES – Encodes double and single quotesENT_NOQUOTES – Does not encode any quotesInvalid encoding:ENT_IGNORE – Ignores invalid encoding instead of having the function return an empty string. Should be avoided, as it may have security implications.ENT_SUBSTITUTE – Replaces invalid encoding for a specified character set with a Unicode Replacement Character U+FFFD (UTF-8) or &#FFFD; instead of returning an empty string.ENT_DISALLOWED – Replaces code points that are invalid in the specified doctype with a Unicode Replacement Character U+FFFD (UTF-8) or &#FFFD;Additional flags for specifying the used doctype:ENT_HTML401 – Default. Handle code as HTML 4.01ENT_HTML5 – Handle code as HTML 5ENT_XML1 – Handle code as XML 1ENT_XHTML – Handle code as XHTML
character-setOptional. A string that specifies which character-set to use.Allowed values are:UTF-8 – Default. ASCII compatible multi-byte 8-bit UnicodeISO-8859-1 – Western EuropeanISO-8859-15 – Western European (adds the Euro sign + French and Finnish letters missing in ISO-8859-1)cp866 – DOS-specific Cyrillic charsetcp1251 – Windows-specific Cyrillic charsetcp1252 – Windows specific charset for Western EuropeanKOI8-R – RussianBIG5 – Traditional Chinese, mainly used in TaiwanGB2312 – Simplified Chinese, national standard character setBIG5-HKSCS – Big5 with Hong Kong extensionsShift_JIS – JapaneseEUC-JP – JapaneseMacRoman – Character-set that was used by Mac OSNote: Unrecognized character-sets will be ignored and replaced by ISO-8859-1 in versions prior to PHP 5.4. As of PHP 5.4, it will be ignored an replaced by UTF-8.
double_encodeThis argument decide, if the HTML characters needs encoding to not.
TRUE – Convert everything
FALSE – Not encode existing HTML entities
PHP htmlspecialchars() method

examples of the htmlspecialchars() method

Example 1. In this example, we tried some special characters in the string and convert them into HTML entities using htmlspecialchars() function.

<?php
$str = "HTML characters to check the <b>bold</b> text.";
echo htmlspecialchars($str);
?>

Example 2. In this example, we take some HTML entities and convert them into corresponding characters using different constants/flags.

<?php
$str = "Jawad & 'Ahmad'";
echo htmlspecialchars($str, ENT_COMPAT); // It will convert only double quotes
echo "<br>";
echo htmlspecialchars($str, ENT_QUOTES); // It will convert both double and single quotes
echo "<br>";
echo htmlspecialchars($str, ENT_NOQUOTES); // It will not convert any of the quotes
?>

Example 3. In this example, we convert the HTML elements into characters. It Converts both single and double quotes

<?php
$str = 'I like"PHP from PHP.org".';
echo htmlspecialchars($str, ENT_QUOTES); 
?>
PHP implode() Function
PHP lcfirst() Function
en English
X
Scroll to Top