PHP htmlspecialchars() Function
Example
Convert the predefined characters "<" (less than) and ">" (greater than) to HTML entities:
<?php
$str = "This is some <b>bold</b> text.";
echo htmlspecialchars($str);
?>
The HTML output of the code above will be (View Source):
<!DOCTYPE html>
<html>
<body>
This is some <b>bold</b> text.
</body>
</html>
The browser output of the code above will be:
This is some <b>bold</b> text.
Run example »
Definition and Usage
The htmlspecialchars() function converts some predefined characters to HTML entities.
The predefined characters are:
- & (ampersand) becomes &
- " (double quote) becomes "
- ' (single quote) becomes '
- < (less than) becomes <
- > (greater than) becomes >
Tip: To convert special HTML entities back to characters, use the htmlspecialchars_decode() function.
Syntax
htmlspecialchars(string,flags,character-set,double_encode)
Parameter | Description |
---|---|
string | Required. Specifies the string to convert |
flags | Optional. Specifies how to handle quotes, invalid encoding and the used document type. The available quote styles are:
Invalid encoding:
Additional flags for specifying the used doctype:
|
character-set | Optional. A string that specifies which character-set to use. Allowed values are:
Note: Unrecognized character-sets will be ignored and replaced by ISO-8859-1 in versions prior to PHP 5.4. As of PHP 5.4, it will be ignored an replaced by UTF-8. |
double_encode | Optional. A boolean value that specifies whether to encode existing html entities or not.
|
Technical Details
Return Value: | Returns the converted string If the string contains invalid encoding, it will return an empty string, unless either the ENT_IGNORE or ENT_SUBSTITUTE flags are set |
---|---|
PHP Version: | 4+ |
Changelog: | The default value for the character-set parameter was changed to UTF-8 in PHP 5 ENT_SUBSTITUTE, ENT_DISALLOWED, ENT_HTML401, ENT_HTML5, ENT_XML1 and ENT_XHTML were added in PHP 5.4 ENT_IGNORE was added in PHP 5.3 The double_encode parameter was added in PHP 5.2.3 The character-set parameter was added in PHP 4.1 |
More Examples
Example 1
Convert some predefined characters to HTML entities:
<?php
$str = "Jane & 'Tarzan'";
echo htmlspecialchars($str, ENT_COMPAT); // Will only convert double quotes
echo "<br>";
echo htmlspecialchars($str, ENT_QUOTES); // Converts double and single quotes
echo "<br>";
echo htmlspecialchars($str, ENT_NOQUOTES); // Does not convert any quotes
?>
The HTML output of the code above will be (View Source):
<!DOCTYPE html>
<html>
<body>
Jane & 'Tarzan'<br>
Jane & 'Tarzan'<br>
Jane & 'Tarzan'
</body>
</html>
The browser output of the code above will be:
Jane & 'Tarzan'
Jane & 'Tarzan'
Jane & 'Tarzan'
Run example »
Example 2
Convert double quotes to HTML entities:
<?php
$str = 'I love "PHP".';
echo htmlspecialchars($str, ENT_QUOTES); // Converts double and single quotes
?>
The HTML output of the code above will be (View Source):
<!DOCTYPE html>
<html>
<body>
I love "PHP".
</body>
</html>
The browser output of the code above will be:
I love "PHP".
Run example »
❮ PHP String Reference