htmlencode vs htmlspecialchars

3 posts by 2 authors in: Forums > CMS Builder
Last Post: November 7, 2023   (RSS)

By Dave - November 6, 2023

Hi Kenny, 

Yes, but with some extra options, it's actually equivalent to this: 

htmlspecialchars($contact_usRecord['email'], ENT_QUOTES|ENT_SUBSTITUTE|ENT_HTML5, 'UTF-8')

That was just a lot to type each time so we wrote a shortcut function.  Here's what the options do: 

  • ENT_QUOTES        // encode ' as &apos;  Only matters if your output is in a single quoted attribute, eg: <input value='$var'>
  • ENT_SUBSTITUTE // replace invalid UTF-8 chars with � instead of returning empty string, so a single invalid char doesn't blank out your string
  • ENT_HTML5           // encode as HTML 5
  • UTF-8                      // Encode as UTF-8 (in case php.ini default_charset  is set to something else)

Hope that helps, let me know any other questions.

Dave Edis - Senior Developer
interactivetools.com

By KennyH - November 7, 2023

Fantastic! I knew it was something like that, I just couldn't remember why and I vaguely remember when you introduced it.

Thanks - KH