MDanz
Posted July 2, 2012

Do I have to use ENT_QUOTES with htmlspecialchars in the example below? I haven't used ENT_QUOTES in code similar to the example, do I have to change this?

    $var = htmlspecialchars("the title"); //user title
    <div data-title='$var'>$var</div>

Psycho
Posted July 2, 2012

If you do not use ENT_QUOTES and the content of $var contains a single quote mark it will break that output. Take the example of the value being "Tom O'Maley" (without the double quotes). The output would be

    <div data-title='Tom O'Maley'>Tom O'Maley</div>

The value of the data-title parameter would resolve to "Tom O" because the single quote in "O'Maley" would close the opening single quote for that parameter.

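Added example (not part of either post above): the snippet from the question rendered with and without ENT_QUOTES for the value "Tom O'Maley", then parsed back to show what data-title resolves to in each case. render() and dataTitle() are hypothetical helper names, and the parse step assumes PHP's dom extension is available.

```php
<?php
// Added example, not code from the thread.
// render() and dataTitle() are hypothetical helpers introduced for illustration.

// Build the markup from the question: a single-quoted attribute plus element text.
function render(string $title, int $flags): string
{
    $var = htmlspecialchars($title, $flags, 'UTF-8');
    return "<div data-title='$var'>$var</div>";
}

// Parse the markup with an HTML parser and return the value data-title resolves to.
function dataTitle(string $html): string
{
    libxml_use_internal_errors(true); // the broken variant triggers parser warnings
    $doc = new DOMDocument();
    $doc->loadHTML($html);
    libxml_clear_errors();
    return $doc->getElementsByTagName('div')->item(0)->getAttribute('data-title');
}

$title = "Tom O'Maley"; // the value used in the answer above

$variants = [
    // ENT_COMPAT escapes double quotes only, so the apostrophe reaches the page raw
    // and ends the single-quoted attribute early.
    'ENT_COMPAT' => render($title, ENT_COMPAT),
    // ENT_QUOTES also escapes the apostrophe, so the attribute stays intact.
    'ENT_QUOTES' => render($title, ENT_QUOTES),
];

foreach ($variants as $name => $html) {
    printf("%-10s markup:     %s\n", $name, $html);
    printf("%-10s data-title: %s\n\n", $name, dataTitle($html));
}
```

The flag is passed explicitly because the default changed: before PHP 8.1 htmlspecialchars defaulted to ENT_COMPAT, and from 8.1 the default includes ENT_QUOTES.
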
Archived
This topic is now archived and is closed to further replies.