dsaba Posted March 9, 2007 Share Posted March 9, 2007 this is weird is there a setting in php.ini that turns off this? i am using a freehost to upload .php files (yes i know i can use my own pc) anyways i copied the exact example from php.net <?php $str = "A 'quote' is <b>bold</b>"; // Outputs: A 'quote' is <b>bold</b> echo htmlentities($str); // Outputs: A 'quote' is <b>bold</b> echo htmlentities($str, ENT_QUOTES); ?> and it did not work it gave me the string just like it is why? Quote Link to comment Share on other sites More sharing options...
btherl Posted March 9, 2007 Share Posted March 9, 2007 Did you view the source? The rendered HTML (which you see in the browser) will have the html entities converted back to normal. To see the source, look in the View menu for something like "View Source" Quote Link to comment Share on other sites More sharing options...
dsaba Posted March 9, 2007 Author Share Posted March 9, 2007 hmmm it is like its supposed to be in the source but the point of me using html entities is to make it look like that in the BROWSER i'm trying to filter out any html tags for security purposes is there a way i can do that? Quote Link to comment Share on other sites More sharing options...
btherl Posted March 9, 2007 Share Posted March 9, 2007 For the purposes of security, you might want to use strip_tags(): http://sg.php.net/manual/en/function.strip-tags.php Regarding security, calling htmlentities() once should ensure that html is displayed, rather than interpreted by the browser. You should see the bold tags instead of seeing bold text. If you really want to see the htmlentities() output in the browser, call htmlentities() twice. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.