In this article, you will learn how to convert some special characters to HTML entities. The htmlspecialchars() function convert predefined characters to HTML elements. These predefined characters are given below.
- & converts to &
- ” converts to becomes "
- ‘ converts to '
- < converts to <
- > converts to >
To convert these HTML elements back to the characters, you can use the htmlspecialchars_decoe() function.
what is the syntax of the htmlspecialchars() function in php?
htmlspecialchars(string,flags,character-set,double_encode)
Parameter | Description |
---|---|
string | The string to convert to HTML entities. |
flags | Optional. Specifies how to handle quotes, invalid encoding and the used document type.The available quote styles are:ENT_COMPAT – Default. Encodes only double quotesENT_QUOTES – Encodes double and single quotesENT_NOQUOTES – Does not encode any quotesInvalid encoding:ENT_IGNORE – Ignores invalid encoding instead of having the function return an empty string. Should be avoided, as it may have security implications.ENT_SUBSTITUTE – Replaces invalid encoding for a specified character set with a Unicode Replacement Character U+FFFD (UTF-8) or &#FFFD; instead of returning an empty string.ENT_DISALLOWED – Replaces code points that are invalid in the specified doctype with a Unicode Replacement Character U+FFFD (UTF-8) or &#FFFD;Additional flags for specifying the used doctype:ENT_HTML401 – Default. Handle code as HTML 4.01ENT_HTML5 – Handle code as HTML 5ENT_XML1 – Handle code as XML 1ENT_XHTML – Handle code as XHTML |
character-set | Optional. A string that specifies which character-set to use.Allowed values are:UTF-8 – Default. ASCII compatible multi-byte 8-bit UnicodeISO-8859-1 – Western EuropeanISO-8859-15 – Western European (adds the Euro sign + French and Finnish letters missing in ISO-8859-1)cp866 – DOS-specific Cyrillic charsetcp1251 – Windows-specific Cyrillic charsetcp1252 – Windows specific charset for Western EuropeanKOI8-R – RussianBIG5 – Traditional Chinese, mainly used in TaiwanGB2312 – Simplified Chinese, national standard character setBIG5-HKSCS – Big5 with Hong Kong extensionsShift_JIS – JapaneseEUC-JP – JapaneseMacRoman – Character-set that was used by Mac OSNote: Unrecognized character-sets will be ignored and replaced by ISO-8859-1 in versions prior to PHP 5.4. As of PHP 5.4, it will be ignored an replaced by UTF-8. |
double_encode | This argument decide, if the HTML characters needs encoding to not. TRUE – Convert everything FALSE – Not encode existing HTML entities |
examples of the htmlspecialchars() method
Example 1. In this example, we tried some special characters in the string and convert them into HTML entities using htmlspecialchars() function.
<?php
$str = "HTML characters to check the <b>bold</b> text.";
echo htmlspecialchars($str);
?>
Example 2. In this example, we take some HTML entities and convert them into corresponding characters using different constants/flags.
<?php
$str = "Jawad & 'Ahmad'";
echo htmlspecialchars($str, ENT_COMPAT); // It will convert only double quotes
echo "<br>";
echo htmlspecialchars($str, ENT_QUOTES); // It will convert both double and single quotes
echo "<br>";
echo htmlspecialchars($str, ENT_NOQUOTES); // It will not convert any of the quotes
?>
Example 3. In this example, we convert the HTML elements into characters. It Converts both single and double quotes
<?php
$str = 'I like"PHP from PHP.org".';
echo htmlspecialchars($str, ENT_QUOTES);
?>