How to use htmlspecialchars in PHP

In this article I will explain how the htmlspecialchars() function can be used in PHP.
  • 2014

htmlspecialchars() function in PHP

  • The htmlspecialchars() function is used to convert some predefined HTML entities to characters.
  • The htmlspecialchars_decode() function is the opposite of hrmlspecialchars().
  • some predefined characters are:
    • & (ampersand) becomes &
    • " (double quote) becomes "
    • ' (single quote) becomes '
    • < (less than) becomes &lt;
    • > (greater than) becomes &gt;




  • string string is required parameter. it is determine string to be decode.
  • quotestyle quotestyle is optional parameter. Specifies how to decode single and double quotes. some available quote styles are:
    • ENT_COMPAT - This is default value. It's decode only double quotes.
    • ENT_QUOTES - It's decode double and single quotes.
    • ENT_NOQUOTES - It does not decode any quotes.
  • character-set character-set is optional parameter. A string that specifies which character-set to use. some allowed values are:
    • ISO-8859-1 - This is the default value. Western European
    • ISO-8859-15 - Western European (adds the Euro sign + French and Finnish letters missing in ISO-8859-1)
    • UTF-8 - ASCII compatible multi-byte 8-bit Unicode
    • cp866 - DOS-specific Cyrillic charset
    • cp1251 - It's a windows-specific Cyrillic charset
    • cp1252 - It's a windows specific charset for Western European
    • KOI8-R - Russian
    • BIG5 - Traditional Chinese, mainly used in Taiwan
    • GB2312 - Simplified Chinese, national standard character set
    • BIG5-HKSCS - Big5 with Hong Kong extensions
    • Shift_JIS - Japanese
    • EUC-JP - Japanese


The following example show to how the htmlspecialchars() function can be used in PHP.



<h3 style="color: darkseagreen;">htmlspecialchars() function example in PHP</h3>


    $string = "C-sharp & 'corner'";

    echo htmlspecialchars($string, ENT_COMPAT);

    echo "<br />";

    echo htmlspecialchars($string, ENT_QUOTES);

    echo "<br />";

    echo htmlspecialchars($string, ENT_NOQUOTES);






You may also want to read these related articles here
Ask Your Question 
Got a programming related question? You may want to post your question here


More Articles

© 2019 DotNetHeaven. All rights reserved.