PHP function htmlspecialchars - escaping characters
Available in PHP 4, 5, 7.
Converts special characters that have meaning in HTML to HTML entities that can be rendered in the normal way.
Parameters
| Parameter | Data type | Default value | Note |
|---|---|---|---|
$string |
string |
not | String to be converted. |
$flags |
int |
ENT_COMPAT |
A bitmask of one or more of the following flags, which specify how to handle quotes, invalid code unit sequences and the used document type. The default is `ENT_COMPAT |
$encoding |
string |
'UTF-8' |
Defines the encoding used in conversion. If omitted, the default value for this argument is ISO-8859-1 in versions of PHP prior to 5.4.0, and UTF-8 from PHP 5.4.0 onwards. |
$double_encode |
bool |
true |
When double_encode is turned off PHP will not encode existing html entities, the default is to convert everything. |
Return values
string Modified string.
Other switches
| Constant | Description |
|---|---|
ENT_SUBSTITUTE |
Replace invalid code unit sequences with a Unicode Replacement Character U+FFFD (UTF-8) or &#FFFD; (otherwise) instead of returning an empty string. |
ENT_DISALLOWED |
Replace invalid code points for the given document type with a Unicode Replacement Character U+FFFD (UTF-8) or &#FFFD; (otherwise) instead of leaving them as is. This may be useful, for instance, to ensure the well-formedness of XML documents with embedded external content. |
ENT_HTML401 |
Handle code as HTML 4.01. |
ENT_XML1 |
Handle code as XML 1. |
ENT_XHTML |
|
ENT_HTML5 |
Other resources
[Official htmlspecialchars documentation](- Official php.net documentation)