frijole Posted March 7, 2008 Share Posted March 7, 2008 both of these functions encode the HTML tags, but, I don't understand what the purpose is? you encode them, and them when you use them again just decode them? I would appreciate if someone could give me some insight into this, or maybe just an example. thanks. Link to comment https://forums.phpfreaks.com/topic/94968-htmlentities-htmlspecialchars-question-yes-i-read-the-manual/ Share on other sites More sharing options...
Daney11 Posted March 7, 2008 Share Posted March 7, 2008 For example, if i had a form.. If someone entered ">Script Error <input name="form" type="text" value="<?php echo $name; ?>" /> My form would break and script error would be on the website. However <input name="form" type="text" value="<?php echo htmlentities($name); ?>" /> The script error would be still inside the form and it wouldnt break. Link to comment https://forums.phpfreaks.com/topic/94968-htmlentities-htmlspecialchars-question-yes-i-read-the-manual/#findComment-486460 Share on other sites More sharing options...
frijole Posted March 7, 2008 Author Share Posted March 7, 2008 so you encode it in that case, and then decode if you want to echo something? Link to comment https://forums.phpfreaks.com/topic/94968-htmlentities-htmlspecialchars-question-yes-i-read-the-manual/#findComment-486463 Share on other sites More sharing options...
Daney11 Posted March 7, 2008 Share Posted March 7, 2008 You dont have to decode it i dont think. Just trial and error it all Link to comment https://forums.phpfreaks.com/topic/94968-htmlentities-htmlspecialchars-question-yes-i-read-the-manual/#findComment-486466 Share on other sites More sharing options...
frijole Posted March 7, 2008 Author Share Posted March 7, 2008 alright, thanks for the help Link to comment https://forums.phpfreaks.com/topic/94968-htmlentities-htmlspecialchars-question-yes-i-read-the-manual/#findComment-486468 Share on other sites More sharing options...
BlueSkyIS Posted March 7, 2008 Share Posted March 7, 2008 as far as i know there is no "decode_htmlentities()". the purposes of the functions is to ensure that plain text characters like greater than, less than, etc. don't screw up the form presentation when they are used in a form element. as mentioned, if you echo a less than sign in a form element, chances are good that it will screw up the form element. i think the worst are single and double quotes. Link to comment https://forums.phpfreaks.com/topic/94968-htmlentities-htmlspecialchars-question-yes-i-read-the-manual/#findComment-486469 Share on other sites More sharing options...
Orio Posted March 7, 2008 Share Posted March 7, 2008 You don't have to always encode it. You encode it when you want to output user input. Example- this very forum- our messages may contain html, but obviously we don't want the html we write in our messages to be interpreted as html, we simply want other to see exactly what's written. So if I write </html> our browsers won't think it's part of the html code, because SMF uses htmlentites() on the posts (check the source if you want to, you'll see < and >) Orio Link to comment https://forums.phpfreaks.com/topic/94968-htmlentities-htmlspecialchars-question-yes-i-read-the-manual/#findComment-486472 Share on other sites More sharing options...
frijole Posted March 7, 2008 Author Share Posted March 7, 2008 so why does </html> come out that way when it is encoded? htmlentities() changes the string, so when does it get changed back into its original form? Link to comment https://forums.phpfreaks.com/topic/94968-htmlentities-htmlspecialchars-question-yes-i-read-the-manual/#findComment-486489 Share on other sites More sharing options...
Orio Posted March 7, 2008 Share Posted March 7, 2008 Because the browsers know that if they encounter a < they need to output "<" (or maybe ">" I don't remember). It's part of the standard in HTML4: http://www.w3.org/TR/html401/sgml/entities.html Orio. Link to comment https://forums.phpfreaks.com/topic/94968-htmlentities-htmlspecialchars-question-yes-i-read-the-manual/#findComment-486532 Share on other sites More sharing options...
frijole Posted March 7, 2008 Author Share Posted March 7, 2008 Ok, thanks a lot for clarifying that. That was precisely what I was confused about. Link to comment https://forums.phpfreaks.com/topic/94968-htmlentities-htmlspecialchars-question-yes-i-read-the-manual/#findComment-486545 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.