PHP function htmlspecialchars - escaping characters

26. 11. 2019

Obsah článku

Available in `PHP 4, 5, 7`.

Converts special characters that have meaning in HTML to HTML entities that can be rendered in the normal way.


Parameter Data type Default value Note
$string string not String to be converted.
$flags int ENT_COMPAT A bitmask of one or more of the following flags, which specify how to handle quotes, invalid code unit sequences and the used document type. The default is `ENT_COMPAT
$encoding string 'UTF-8' Defines the encoding used in conversion. If omitted, the default value for this argument is ISO-8859-1 in versions of PHP prior to 5.4.0, and UTF-8 from PHP 5.4.0 onwards.
$double_encode bool true When double_encode is turned off PHP will not encode existing html entities, the default is to convert everything.

Return values

string Modified string.

Other switches

Constant Description
ENT_SUBSTITUTE Replace invalid code unit sequences with a Unicode Replacement Character U+FFFD (UTF-8) or &#FFFD; (otherwise) instead of returning an empty string.
ENT_DISALLOWED Replace invalid code points for the given document type with a Unicode Replacement Character U+FFFD (UTF-8) or &#FFFD; (otherwise) instead of leaving them as is. This may be useful, for instance, to ensure the well-formedness of XML documents with embedded external content.
ENT_HTML401 Handle code as HTML 4.01.
ENT_XML1 Handle code as XML 1.

Other resources

[Official htmlspecialchars documentation](- Official documentation)

Jan Barášek   Více o autorovi

Autor článku pracuje jako seniorní vývojář a software architekt v Praze. Navrhuje a spravuje velké webové aplikace, které znáte a používáte. Od roku 2009 nabral bohaté zkušenosti, které tímto webem předává dál.

Rád vám pomůžu:

Související články


V jiných jazycích