PHP: Safely display quotes and other special characters

This example uses the htmlspecialchars() command to convert all special characters in a string to "browser safe" versions. This is useful for displaying double quotes in a form's textfield and preventing user text from containing HTML markup during form input.

code snippet:


<?php



$userinput = 'she said \"this is a quote \"';

$safetext = htmlspecialchars($userinput);



// $userinput contains:

// she said "this is a quote"



// $safetext contains:

// she said &amp;this is a quote&amp;

?>

Digg

del.icio.us

StumbleUpon

PHP

Reading:

PHP: Safely display quotes and other special characters