|
|
 |
htmlentities (PHP 3, PHP 4, PHP 5) htmlentities --
Convert all applicable characters to HTML entities
Descriptionstring htmlentities ( string string [, int quote_style [, string charset]] )
This function is identical to
htmlspecialchars() in all ways, except with
htmlentities(), all characters which have HTML
character entity equivalents are translated into these entities.
Like htmlspecialchars(), the optional second
quote_style parameter lets you define what will
be done with 'single' and "double" quotes. It takes on one of three
constants with the default being ENT_COMPAT:
Table 1. Available quote_style constants | Constant Name | Description |
|---|
| ENT_COMPAT | Will convert double-quotes and leave single-quotes alone. | | ENT_QUOTES | Will convert both double and single quotes. | | ENT_NOQUOTES | Will leave both double and single quotes unconverted. |
Support for the optional quote parameter was
added in PHP 4.0.3.
Like htmlspecialchars(), it takes an optional
third argument charset which defines character
set used in conversion. Support for this argument was added in PHP 4.1.0.
Presently, the ISO-8859-1 character set is used as the default.
Following character sets are supported in PHP 4.3.0 and later.
Table 2. Supported charsets | Charset | Aliases | Description |
|---|
| ISO-8859-1 | ISO8859-1 |
Western European, Latin-1
| | ISO-8859-15 | ISO8859-15 |
Western European, Latin-9. Adds the Euro sign, French and Finnish
letters missing in Latin-1(ISO-8859-1).
| | UTF-8 | |
ASCII compatible multi-byte 8-bit Unicode.
| | cp866 | ibm866, 866 |
DOS-specific Cyrillic charset.
This charset is supported in 4.3.2.
| | cp1251 | Windows-1251, win-1251, 1251 |
Windows-specific Cyrillic charset.
This charset is supported in 4.3.2.
| | cp1252 | Windows-1252, 1252 |
Windows specific charset for Western European.
| | KOI8-R | koi8-ru, koi8r |
Russian. This charset is supported in 4.3.2.
| | BIG5 | 950 |
Traditional Chinese, mainly used in Taiwan.
| | GB2312 | 936 |
Simplified Chinese, national standard character set.
| | BIG5-HKSCS | |
Big5 with Hong Kong extensions, Traditional Chinese.
| | Shift_JIS | SJIS, 932 |
Japanese
| | EUC-JP | EUCJP |
Japanese
|
Note:
Any other character sets are not recognized and ISO-8859-1 will be used
instead.
If you're wanting to decode instead (the reverse) you can use
html_entity_decode().
Example 1. A htmlentities() example |
<?php
$str = "A 'quote' is <b>bold</b>";
echo htmlentities($str);
echo htmlentities($str, ENT_QUOTES);
?>
|
|
See also html_entity_decode(),
get_html_translation_table(),
htmlspecialchars(), nl2br(),
and urlencode().
User Contributed Notes
htmlentities
marques at displague dot com
21-Apr-2005 09:32
Re: htmlEncodeText (see below)
<? $pattern = '<([a-zA-Z0-9\.\, "\'_\/\-\+~=;:\(\)?&#%![\]@]+)>'
...
$textMatches [$key] = htmlentities ($value,ENT_COMPAT,'UTF-8'); ?>
By forcing UTF-8 output, the rest of the page will probably want an UTF-8 character set defined in the header or by an html meta tag. Optionally, you can set it per element with a charset (http://www.w3.org/TR/REC-html40/types.html#h-6.9) tag attribute.
thomas AT cosifan DOT de
05-Apr-2005 08:10
to catch an email address link:
<a href="mailto:nospam@xyz.de">nospam@xyz.de</a>
simply add an '@'
$pattern = '<([a-zA-Z0-9\. "\'_\/\-=;:\(\)?&#%![\]@]+)>';
webmaster AT scholesmafia DOT co DOT uk
10-Mar-2005 06:14
The pattern also doesn't match a situation where you have an array in a form 'input' tag:
<input name="foo[bar]" value="meh" />
It works if you add [ and ]. Obviously you have to escape the closing bracket.
<?
$pattern = '<([a-zA-Z0-9\. "\'_\/\-=;:\(\)?&#%![\]]+)>';
?>
|3 |_| >< *
hammertscrew at veryweb dot com
10-Mar-2005 08:22
the pattern of fabian (originally posted by olito24, then improved by marques) doesn't match anchors with http://...
simply add ':'
<?
$pattern='<([a-zA-Z0-9\. "\'_\/\-=;:\(\)?&#%!]+)>';
?>
fabian dot lange at web dot de
22-Feb-2005 07:31
Hi Marques,
just to improve your pattern. Most likely you dont want to escape the html comment string <!--
so simply add the exclamationmark to your pattern
<?php
$pattern = '<([a-zA-Z0-9\. "\'_\/\-=;\(\)?&#%!]+)>';
?>
Thanks for all the good tips on this page ;)
penfield888 at yahoo dot com
01-Feb-2005 11:40
This is a followup to the older note by mirrorball_girl (5 Jan 2003) for those who may follow.
Rather than making an exception for the en-dash (#150) and translating it to a hyphen, you could use the – unicode en-dash entity (assuming that you are serving up your pages as UTF-8 or some such encoding.
Also, the whole thing can be done better with mb_detect_order, mb_detect_encoding and mb_convert_encoding if all you want to do is serve up a web page (if you need to convert to pure ASCII, that's another issue). You need to have multi-byte support enabled on your PHP server.
Basically, the problem is with older MS programs that use Windows-1252 for their encoding, so all you really need to do is
- detect for Win-1252
- if present, convert to UTF-8
- serve up your pages as UTF-8
See the manual on Multibyte String Functions for more information.
root at joe-linux.NOSPAM.org
27-Jan-2005 04:48
It may come to you as a surprise, but i've noticed that in Firefox (as of 1.0), the text presented in "View selection source" is not the same as "View page source"; Il you want to see the REAL result of htmlentities() you should look at the entire source;
almost become mad before i discover this :)
marques at displague dot com
24-Jan-2005 12:01
htmlEncodeText (below) needs a small tweak, the dash needs to be made literal to get picked up in cases like '<a href="blah-blah.php">'. I have been using this function to parse my postgresql database calls since I have alot of unicode data and I don't want HTML data to be neutered (via htmlentities()).
<?php
function htmlEncodeText ($string)
{
$pattern = '<([a-zA-Z0-9\. "\'_\/\-=;\(\)?&#%]+)>';
preg_match_all ('/' . $pattern . '/', $string, $tagMatches, PREG_SET_ORDER);
$textMatches = preg_split ('/' . $pattern . '/', $string);
foreach ($textMatches as $key => $value) {
$textMatches [$key] = htmlentities ($value);
}
for ($i = 0; $i < count ($textMatches); $i ++) {
$textMatches [$i] = $textMatches [$i] . $tagMatches [$i] [0];
}
return implode ($textMatches);
}
?>
dumb at coder dot com
17-Jan-2005 06:22
/*
15Jan05
Within <textarea>, Browsers auto render & display certain "HTML Entities" and "HTML Entity Codes" as characters:
< shows as < -- & shows as & -- etc.
Browsers also auto change any "HTML Entity Codes" entered in a <textarea> into the resultant display characters BEFORE UPLOADING. There's no way to change this, making it difficult to edit html in a <textarea>
"HTML Entity Codes" (ie, use of < to represent "<", & to represent "&"   to represent " ") can be used instead. Therefore, we need to "HTML-Entitize" the data for display, which changes the raw/displayed characters into their HTML Entity Code equivalents before being shown in a <textarea>.
how would I get a textarea to contain "<" as a literal string of characters and not have it display a "<"
&lt; is indeed the correct way of doing that. And if you wanted to display that, you'd need to use &amp;lt;'. That's just how HTML entities work.
htmlspecialchars() is a subset of htmlentities()
the reverse (ie, changing html entity codes into displayed characters, is done w/ html_entity_decode()
google on ns_quotehtml and see http://aolserver.com/docs/tcl/ns_quotehtml.html
see also http://www.htmlhelp.com/reference/html40/entities/
*/
Duane
09-Jan-2005 07:34
I found using:
preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,5};)/",
"&",strtr($string, $trans));
didn't trap hex values (such as 的), so instead I ended
up using:
preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[x0-9a-f]{2,6};)/",
"&", strtr($string, $trans));
olito24 at gmx dot de
13-Dec-2004 06:17
a function to encode everything but html tags. pattern improvement is much appreciated!
function htmlEncodeText ($string)
{
$pattern = '<([a-zA-Z0-9\. "\'_\/-=;\(\)?&#%]+)>';
preg_match_all ('/' . $pattern . '/', $string, $tagMatches, PREG_SET_ORDER);
$textMatches = preg_split ('/' . $pattern . '/', $string);
foreach ($textMatches as $key => $value) {
$textMatches [$key] = htmlentities ($value);
}
for ($i = 0; $i < count ($textMatches); $i ++) {
$textMatches [$i] = $textMatches [$i] . $tagMatches [$i] [0];
}
return implode ($textMatches);
}
duke at redump dot de
01-Nov-2004 08:44
The function xmlentities works great, but there can be up to 5 numbers after the &# string. See this for example:
ベースボー
ルスターズ2
This is a valid (wrapped) japanese string. To successfully use it with xmlentities, you need to replace
return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/","&" , strtr($string, $trans));
with
return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,5};)/","&" , strtr($string, $trans));
(3 to 5).
Duke
tmp1000 at fastmail dot deleteme dot fm
23-Oct-2004 12:07
Regarding the two great function posted by pinkpather and webwurst; one to encode xml entities, the other to encode only the entities of a string not already encoded. I've combined these two. And IMHO made a small improvement by making the translation table static:
<?php
function xmlentities($string, $quote_style=ENT_QUOTES)
{
static $trans;
if (!isset($trans)) {
$trans = get_html_translation_table(HTML_ENTITIES, $quote_style);
foreach ($trans as $key => $value)
$trans[$key] = '&#'.ord($key).';';
$trans[chr(38)] = '&';
}
return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/","&" , strtr($string, $trans));
}
?>
Here's the snippet of code I'm testing with:
<?php
echo "<p>Testing xmlentities...</p>";
$strings[] = "No entities here.";
$strings[] = "<b>bold</b>";
$strings[] = "Got style? Try K & R.";
echo "<ul>";
foreach ($strings as $string) {
echo "<li>Original string: ".htmlentities($string)."</li>\n";
echo "<li>Encoded once: ".htmlentities(xmlentities($string))."</li>\n";
echo "<li>Encoded twice: ".htmlentities(xmlentities(xmlentities($string)))."</li>\n";
}
echo "</ul>";
?>
Miguel (miguel at sigmanet dot com dot br)
20-Oct-2004 10:43
This is a simple script that I'm using to encode and decode values from a form. Save it with the name that you wish.
<?php
function encodeText($_str) {
$_str = strip_tags($_str);
$_str = trim($_str);
$_str = htmlentities($_str);
$_str = str_replace("\r\n", "#BR#", $_str);
return($_str);
}
function decodeText($_str, $_form) {
$trans_tbl = get_html_translation_table (HTML_ENTITIES);
$trans_tbl = array_flip ($trans_tbl);
$_str = strtr($_str, $trans_tbl);
if ($_form) {
$_nl = "\r\n";
} else {
$_nl = "<br>";
}
$_str = str_replace("#BR#", "$_nl", $_str);
return($_str);
}
?>
roland dot swingler at nospam dot transversal dot com
30-Sep-2004 10:39
You don't need these custom conversion functions.
This function will only work for the first 128 ascii characters if no character set is specified. If you specify the character set in an http header:
<?php
header('Content-type: text/html; charset=utf-8');
htmlentities('string to be encoded', ENT_QUOTES, 'utf-8');
?>
then it will work for all html entities. It outputs the named rather than the numerical entities, but html_entity_decode() will decode both numerical and textual entities (it will treat € and € as the same).
BTW, if you are dealing with form submitted data, it is a good idea to add the accept-charset="character set" attribute
to the form as well.
cd at NOSPAM dot deluxe dot cd
19-Sep-2004 11:47
allthough it is much more complex than this, please note that if you're using xhtml the character encoding you specify within your document is "associated" with the encoding used by php.
e.g.:
<?xml version="1.0" encoding="..."?>
may also assess the manner form data is submitted. as it is prepared before sending it does not matter whether it is post or get.
to give you something stoutly have a look at mozilla firefox (0.9.3) where submitting form data...
<?xml version="1.0" encoding="ISO-8859-1"?>
...converts ä to %E4
<?xml version="1.0" encoding="UTF-8"?>
...converts ä to %C3%A4
or at internet explorer (6.0) where encoding is ignored while submit but default values of an input field let you recognize the same thing.
this may confuse you getting the desired ä afterwards.
porge
30-Aug-2004 10:09
Thanks attila at roughdot dot com, however I changed this to :
"/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,4};|#x[0-9a-fA-F]{2,4};)/"
in order to also to match hex-coded entities.
attila at roughdot dot com
04-Aug-2004 12:25
Thx for that function, pinkpanther at swissonline dot ch, though the number of digits after the '#' can be 4, not 3.
I bumped into this when struggeling with the euro sign (€).
function htmlentities2( $myHTML)
{
$translation_table = get_html_translation_table( HTML_ENTITIES, ENT_QUOTES);
$translation_table[chr( 38)] = '&';
return preg_replace( "/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,4};)/", "&" , strtr( $myHTML, $translation_table));
}
m227 at poczta dot onet dot pl
26-May-2004 05:00
// tested with PHP 4.3.4, Apache 1.29
// function works like original htmlentities
// but preserves Polish characters encoded in CP-1250
// (Windows code page) from false conversion
// m227@poczta.onet.pl, 2004
function htmlentities1250($str)
{
// four chars does not need any conversion
// s` (9c), z` (9f), Z` (8f), S` (8c)
$trans = array(
"³" => "\xb3", // "l-"
"¹" => "\xb9", // "a,"
"ê" => "\xea", // "e,"
"æ" => "\xe6", // "c`"
"ñ"=> "\xf1", // "n`"
"¿"=> "\xbf", // "z."
"¥" => "\xa5", // "A,"
"Æ" => "\xc6", // "C`"
"¯" => "\xaf", // "Z."
"Ê" => "\xca", // "E,"
"ó"=> "\xf3", // "o`"
"Ó"=> "\xd3", // "O`"
"£" => "\xa3", // "L-"
"Ñ"=> "\xd1" // "N`"
);
return strtr(htmlentities($str), $trans);
}
mail at britlinks dot com
19-May-2004 11:27
similar to cedric at shift-zone dot be's function, this 'cleans up' text from MS Word, and other non-alphanumeric characters to their valid [X]HTML counterparts
<?php
function htmlfriendly($var,$nl2br = false){
$chars = array(
128 => '€',
130 => '‚',
131 => 'ƒ',
132 => '„',
133 => '…',
134 => '†',
135 => '‡',
136 => 'ˆ',
137 => '‰',
138 => 'Š',
139 => '‹',
140 => 'Œ',
142 => 'Ž',
145 => '‘',
146 => '’',
147 => '“',
148 => '”',
149 => '•',
150 => '–',
151 => '—',
152 => '˜',
153 => '™',
154 => 'š',
155 => '›',
156 => 'œ',
158 => 'ž',
159 => 'Ÿ');
$var = str_replace(array_map('chr', array_keys($chars)), $chars, htmlentities(stripslashes($var)));
if($nl2br){
return nl2br($var);
} else {
return $var;
}
}
?>
cedric at shift-zone dot be
04-May-2004 08:02
This is a conversion function for special chars.
Very usefull to convert a word document into valid html
(the html provided is successfully parsed by sablotron 0.97 using iso-8859-1 charset) :
function convertDoc2HTML($txt){
$len = strlen($txt);
$res = "";
for($i = 0; $i < $len; ++$i) {
$ord = ord($txt{$i});
// check only non-standard chars
if($ord >= 126){
$res .= "&#".$ord.";";
}
else {
// escape ", ' and \ chars
switch($ord){
case 34 :
$res .= "\\\"";
break;
case 39 :
$res .= "\'";
break;
case 92 :
$res .= "\\\\";
break;
default : // the rest does not have to be modified
$res .= $txt{$i};
}
}
}
return $res;
}
jake_mcmahon at hotmail dot com
29-Apr-2004 04:29
This fuction is particularly useful against XSS (cross-site-scripting-). XSS makes use of holes in code, whether it be in Javascript or PHP. XSS often, if not always, uses HTML entities to do its evil deeds, so this function in co-operation with your scripts (particularly search or submitting scripts) is a very useful tool in combatting "H4X0rz".
Guillaume Beaulieu
11-Apr-2004 04:10
Here's a simple script to transform filename with accented character in it into much more usable unaccented character for a restrictive filesystem.
$string = htmlentities($stringToModify);
/* Take the first letter of the entity (if you got filename with ([<>] in it the result will probably remain lookable*/
$string = preg_replace("/\&(.)[^;]*;/", "\\1", $string);
/* Change the whitespace into _*/
$string = preg_replace("/[ ]/", "_", $string);
/* Dance ! */
print $string;
Funky Ants
04-Apr-2004 01:55
I had a problem working with partially html encoded data, with a selection of unescaped ampersands, hex coded, and characters in "&", style.
Which ive finally overcome by decoding all of the data, adn then reincoding it all.
I found a combination of a couple of peoples work useful.
function get_htmlspecialchars( $given, $quote_style = ENT_QUOTES ){
return htmlentities( unhtmlentities( $given ) , $quote_style );
}
function unhtmlentities( $string ){
$trans_tbl = get_html_translation_table ( HTML_ENTITIES );
$trans_tbl = array_flip( $trans_tbl );
$ret = strtr( $string, $trans_tbl );
return preg_replace( '/&#(\d+);/me' , "chr('\\1')" , $ret );
}
wwb at 3dwargamer dot net
31-Mar-2004 06:49
htmlentites is a very handy function, but it fails to fix one thing which I deal with alot: word 'smart' quotes and emdashes.
The below function replaces the funky double quotes with ", funky single quotes with standard single quotes and fixes emdashes.
function CleanupSmartQuotes($text)
{
$badwordchars=array(
chr(145),
chr(146),
chr(147),
chr(148),
chr(151)
);
$fixedwordchars=array(
"'",
"'",
'"',
'"',
'—'
);
return str_replace($badwordchars,$fixedwordchars,$text);
}
arjini at mac dot com
19-Mar-2004 01:49
If you're looking to provide bare bones protection to email addresses posted to the web try this:
###
$string = 'arjini@mac.com';
for($i=0;$i<strlen($string);++$i){
$n = rand(0,1);
if($n)
$finished.='&#x'.sprintf("%X",ord($string{$i})).';';
else
$finished.='&#'.ord($string{$i}).';';
}
echo $finished;
###
This randomly encodes a mix of hex and oridinary HTML entities for every character in the address. Note that a decoding mechanism for this could probably be written just as easily, so eventually the bots will be able to cut through this like butter, but for now, it seems like most harvesters are only looking for non-hex html entities.
stewey at ambitious dot ca
04-Mar-2004 08:11
This version of macRomanToIso (originally posted by: marcus at synchromedia dot co dot uk) offers a couple of improvements. First, it removes the extra slashes '\' that broke the original function. Second, it adds four quote characters not supported in ISO 8859-1. These are the left double quote, right double quote, left single quote and right single quote.
Be sure to remove the line breaks from the two strings going into strtr or this function will not work properly.
Be careful what text you apply this to. If you apply it to ISO 8859-1 encoded text it will likely wreak havoc. I'll save you some trouble with this bit of advice: don't bother trying to detect what charset a certain text file is using, it can't be done reliably. Instead, consider making assumptions based upon the HTTP_USER_AGENT, or prompting the user to specify the character encoding used (perhaps both).
<?php
function macRomanToIso($string)
{
return strtr($string,
"\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b
\x8c\x8d\x8e\x8f\x90\x91\x92\x93\x94\x95\x96\x97
\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f\xa1\xa4\xa6\xa7
\xa8\xab\xac\xae\xaf\xb4\xbb\xbc\xbe\xbf\xc0\xc1
\xc2\xc7\xc8\xca\xcb\xcc\xd6\xd8\xdb\xe1\xe5\xe6
\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf1\xf2\xf3
\xf4\xf8\xfc\xd2\xd3\xd4\xd5",
"\xc4\xc5\xc7\xc9\xd1\xd6\xdc\xe1\xe0\xe2\xe4\xe3
\xe5\xe7\xe9\xe8\xea\xeb\xed\xec\xee\xef\xf1\xf3
\xf2\xf4\xf6\xf5\xfa\xf9\xfb\xfc\xb0\xa7\xb6\xdf\xae
\xb4\xa8\xc6\xd8\xa5\xaa\xba\xe6\xf8\xbf\xa1\xac
\xab\xbb\xa0\xc0\xc3\xf7\xff\xa4\xb7\xc2\xca\xc1
\xcb\xc8\xcd\xce\xcf\xcc\xd3\xd4\xd2\xda\xdb\xd9
\xaf\xb8\x22\x22\x27\x27");
}
?>
Julien CROUZET
27-Nov-2003 02:01
If you are looking for a htmlentities inverse :
<?
$table = array_flip(get_html_translation_table(HTML_ENTITIES));
$plaintext = strtr($html, $table);
?>
Here is a full example to extract plaintext from a SIMPLE html page (not table, etc...)
<?
$file_content = file_get_contents($htmlfile);
$file_content = strip_tags($file_content, '<br>');
$file_content = preg_replace('/<br( )?(\/)?>/i', "\n", $file_content);
$file_content = wordwrap($file_content);
$table = array_flip(get_html_translation_table(HTML_ENTITIES));
$file_content = strtr($file_content, $table);
?>
root[noSPAM]cyberdark.net
24-Nov-2003 08:53
A little function that may help someone. Is useful where, FE, someone writes a text through a content management panel and is also able to put html (bolds, italics,...), so we don't want to convert html tags but all the rest. The code offers a few examples of extra entities.
function myhtmlentities($str) {
$tbl=get_html_translation_table(HTML_ENTITIES);
unset ($tbl["<"]);
unset ($tbl[">"]);
unset ($tbl["'"]);
unset ($tbl['"']);
$tbl["“"]=""";
$tbl["”"]=""";
$tbl["…"]="...";
$tbl["—"]="-";
$tbl["»"]="»";
$tbl["«"]="«";
return str_replace(array_keys($tbl),array_values($tbl),$str);
}
dmurphy at telegeography dot com
19-Sep-2003 01:14
// htmlentities() does not support Mac Roman, so this is a workaround. It requires the below table.
// This function runs on a Mac OSX machine, where text is stored in the Mac Roman character set inside a Mac OSX MySQL table.
function custom_htmlentities ($string, $table) {
// Loop throught the array, replacing each ocurrance
for ($n = 0; $n < count($table); $n++) {
$table_line = each($table);
// use the chr function to get the one character string for each ascii decimal code
$find_char = chr($table_line[key]);
$replace_string = $table_line[value];
$string = str_replace($find_char, $replace_string, $string);
}
return $string;
}
pinkpanther at swissonline dot ch
28-Jul-2003 04:29
In case you want a 'htmlentities' function which prevents 'double' encoding of the ampersands of already present entities (> => &gt;), use this:
function htmlentities2($myHTML) {
$translation_table=get_html_translation_table (HTML_ENTITIES,ENT_QUOTES);
$translation_table[chr(38)] = '&';
return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,3};)/","&" , strtr($myHTML, $translation_table));
}
defrostdj at defrostdj dot com
25-Jul-2003 02:10
Here you have a character map function ;)
<?php
function htmldecode($encoded, $char = 'HTML_SPECIALCHARS') {
foreach($encoded as $key => $value){
echo $value .' --> ';
if ($char == 'HTML_SPECIALCHARS') {
echo htmlspecialchars($value);
} else {
echo htmlentities($value);
}
echo '>br<';
}
}
echo 'ENTITIES<>br<><>br<>';
$entities = get_html_translation_table (HTML_ENTITIES);
htmldecode($entities, 'HTML_ENTITIES');
echo '<>br<>SPECIAL CHARACTERS<>br<><>br<>';
$specialchars = get_html_translation_table (HTML_SPECIALCHARS);
htmldecode($specialchars, 'HTML_SPECIALCHARS');
?>
So next time you're developing you'll always have a charmap ready to use.
webwurst at web dot de
29-Jun-2003 02:20
This function changes all entities to unicode-entities.
For example '<' becomes '<', '©' becomes '©', etc.
function xmlentities($string, $quote_style=ENT_COMPAT)
{
$trans = get_html_translation_table(HTML_ENTITIES, $quote_style);
foreach ($trans as $key => $value)
$trans[$key] = '&#'.ord($key).';';
return strtr($string, $trans);
}
Anthony Aragues
24-Jun-2003 06:24
I found in a previous not the function for encoding the input... which worked great, but it also encoded the   and <br> that was being automatically added in my POST, so I created and Output function to go with it that worked for me:
function VerbatimInput($String)
{
$Output = mysql_escape_string(htmlentities(addslashes($String)));
return $Output;
}
function VerbatimOutput($Input)
{
$Output = str_replace("<br />", "<br>", "$Input");
$Output = str_replace("&nbsp;", " ", "$Output");
return $Output;
}
rob at neorosa dot com
28-Feb-2003 10:12
This function will encode everything, either using ascii values or special entities:
function encode_everything($string){
$encoded = "";
for ($n=0;$n<strlen($string);$n++){
$check = htmlentities($string[$n],ENT_QUOTES);
$string[$n] == $check ? $encoded .= "&#".ord($string[$n]).";" : $encoded .= $check;
}
return $encoded;
}
so you can use:
$emailAddress = encode_everything($emailAddress);
to protect an email address - although I imagine it's not a great deal of protection.
Bassie (:
05-Jan-2003 06:07
Note that you'll have use htmlentities() before any other function who'll edit text like nl2br().
If you use nl2br() first, the htmlentities() function will change < br > to <br>.
kumar at chicagomodular.com
28-Oct-2002 07:51
without heavy scientific analysis, this seems to work as a quick fix to making text originating from a Microsoft Word document display as HTML:
function DoHTMLEntities ($string)
{
$trans_tbl = get_html_translation_table (HTML_ENTITIES);
// MS Word strangeness..
// smart single/ double quotes:
$trans_tbl[chr(145)] = '\'';
$trans_tbl[chr(146)] = '\'';
$trans_tbl[chr(147)] = '"';
$trans_tbl[chr(148)] = '"';
// é :
$trans_tbl[chr(142)] = 'é';
return strtr ($string, $trans_tbl);
}
| |
html_entity_decode