How PHP htmlspecialchars() Function Works

In PHP htmlspecialchars() function is used for encoding the string. By the use of the htmlspecialchars function, we will encode our string by specifying confident parameters for it. The Htmlspecialchars function converts some particular character of the string into HTML primarily based entities, now we have a number of the pre-defined characters which are obtained and transformed by this htmlspecialchars function in PHP. That is used when we wish to apply some HTML code in between the string. htmlspecialchars functions take a number of inputs because of their parameters. we are going to focus on this within the coming part in additional elements.

Read Also: 17 Basic PHP String Functions

Syntax PHP htmlspecialchars() function:

htmlspecialchars function takes a number of parameters because the enter from the person, additionally these totally different parameters characterize several types of roles in changing the string to HTML primarily based entity. For higher understanding, we are going to see its syntax see downward.

htmlspecialchars(your_string,flags_if_any,character-set_if_any,double_encode_if_any)

In order for you’ll be able to see within the above syntax we’re passing a number of parameters to this htmlspecialchars function in PHP all serve a distinct goal. However, the string is the necessary parameter right here which is required when calling this function. Here we have a simple example.

htmlspecialchars("Hello, This is my String <br>")

Output πŸ™‚ Hello, This is my String.

How does htmlspecialchars function work in PHP?

As of now we all know that the htmlspecialchars function is issued to encode the particular character’s current in a string, these particular characters are already pre-defined within the HTML. we’ll focus on extra this. HTML supplies us with 5 kinds of pre-defined particular characters that are described beneath.

Let’s focus on each of them intimately.

i) > or larger than : In HTML this particular character grow to be &gt; whereas encoding our string to HTML entities. So if you wish to use this we have to use the β€˜>’ image for this.

<?php
$str = "Hello, This is greater than symbol > .";
?>

It will now encode β€˜>’ into the &gt; the place ever it is going to seem.

ii) < or smaller than : In HTML this particular character grow to be &lt; whereas encoding our string to HTML entities. So if you wish to use this we have to use the β€˜<β€˜ image for this.

<?php
$str = "Hello, This is lesser than symbol < .";
?>

It will now encode β€˜<β€˜ into the &lt; the place ever it is going to seem.

iii) & or ampersand : In HTML this particular character grows to be &amp; whereas encoding our string to HTML entities. So if you wish to use this we have to use the β€˜&’ image for this. For higher understanding see the instance beneath;

<?php
$str = "Hello, This is ampersand symbol & .";
?>

It will now encode β€˜&’ into the &amp; the place ever it is going to seem.

iv) single quote: In HTML this particular character turns into’ whereas encoding our string to HTML entities. So if you wish to use this we have to use ”’ image for this.

<?php
$str = "Hello, This is single quote symbol ' .";
?>

It will now encode ’ into the β€˜ the place ever it is going to seem.

v) “” double quote: In HTML this particular character turns into &quot; whereas encoding our string to HTML entities. So if you wish to use this we have to use the β€˜β€β€˜ image for this.

<?php
$str = "Hello, This is double quote symbol " .";
?>

It will now encode β€˜β€β€˜ into the &quot; the place ever it is going to seem.

Now we’ll speak in regards to the htmlspecialchars function signature that we’ve. This function takes 4 parameters. However, the string parameter is necessary as soon as we’ve to go. Different is optionally available.

Signature

htmlspecialchars(your_string,flags_if_any,character-set_if_any,double_encode_if_any)

i) String: That is the string that we wish to encode into HTML entities at any time when the particular character is outlined on paper within the string.

ii) double_encode: This parameter if specifying will resolve whether we have to encode the string or not. It’s a Boolean parameter that takes the worth as true or false. By default its worth is TRUE meaning it is going to encode the string of particular characters.

iii) character-set: This parameter can also be optionally available, this parameter will resolve which chatter set must be used right here. We now have a number of characters set out there a few of them are specified beneath;

  • UTF-8
  • EUC-JP
  • many extras

iv) flags if any: This parameter can also be optionally available within the function. This parameter will resolve the quoting fashion for the string encoding.

  1. ENT_NOQUOTES : This flag specifies that no quotes can be encoded right here. neither single nor double quotes.
  2. ENT_QUOTES : This flag will specify that each of the quotes can be encoded into the string, single or double.
  3. ENT_COMPAT : This parameter will solely encode the double quotes current into the string. That is the default encoding fashion for the htmlspecialchars function in PHP.

Some factors to be remembered.

  • String param is necessary.
  • It will encode the string the place every particular character seems.
  • HTML has defied some predefined characters. It will forestall the HTML pages from dangerous assaults as properly.

Example

In this example, we are attempting to encode our string which has some of special characters.

<h2 style="color:red;">Example for htmlspecialchars function</h2>
<?php
//here we are using htmlspecialchars function to encode our string and printing the result
echo htmlspecialchars('Example for "htmlspecialchars" function in PHP ', ENT_NOQUOTES);
?>
htmlspecialchars
Output

Conclusion

By way of this, we are able to forestall our HTML web page from dangerous hyperlinks. As a result, it’ll encode the string if there may be any particular character current inside it. We simply want to make use of the htmlspecialchars technique and move the parameters in line with our necessities.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top