" (greater than) to HTML entities: bold " (greater than) to HTML entities: bold

YouTip LogoYouTip

Func String Htmlspecialchars

PHP String Reference Manual PHP String Reference Manual

Example

Convert predefined characters "<" (less than) and ">" (greater than) to HTML entities:

<?php
$str = "This is some <b>bold</b> text.";
echo htmlspecialchars($str);
?>

The HTML output of the above code is as follows (view source code):

<!DOCTYPE html>
<html>
<body>
This is some &lt;b&gt;bold&lt;/b&gt; text.
</body>
</html>

The browser output of the above code is as follows:

This is some bold text.

Run Example Β»


Definition and Usage

The htmlspecialchars() function converts some predefined characters to HTML entities.

The predefined characters are:

  • & (ampersand) becomes &amp;
  • " (double quote) becomes &quot;
  • ' (single quote) becomes '
  • < (less than) becomes &lt;
  • > (greater than) becomes &gt;

Tip: To convert special HTML entities back to characters, use the htmlspecialchars_decode() function.


Syntax

htmlspecialchars(string,flags,character-set,double_encode)

Parameter Description
string Required. Specifies the string to be converted.
flags Optional. Specifies how to handle quotes, invalid encoding, and which document type to use. Available quote types: * ENT_COMPAT - Default. Encodes double quotes only. * ENT_QUOTES - Encodes both double and single quotes. * ENT_NOQUOTES - Does not encode any quotes. Invalid encoding: * ENT_IGNORE - Ignores invalid encoding instead of making the function return an empty string. Should be avoided as it may have security implications. * ENT_SUBSTITUTE - Replaces invalid encoding with a specified character containing the Unicode replacement character U+FFFD (UTF-8) or � instead of returning an empty string. * ENT_DISALLOWED - Replaces invalid code points in the specified document type with the Unicode replacement character U+FFFD (UTF-8) or �. Additional flags for specifying the document type to use: * ENT_HTML401 - Default. Treats code as HTML 4.01. * ENT_HTML5 - Treats code as HTML 5. * ENT_XML1 - Treats code as XML 1. * ENT_XHTML - Treats code as XHTML.
character-set Optional. A string that specifies the character set to be used. Allowed values: * UTF-8 - Default. ASCII compatible multi-byte 8-bit Unicode * ISO-8859-1 - Western European * ISO-8859-15 - Western European (includes euro sign + French and Finnish letters missing from ISO-8859-1) * cp866 - DOS-specific Cyrillic character set * cp1251 - Windows-specific Cyrillic character set * cp1252 - Windows-specific Western European character set * KOI8-R - Russian * BIG5 - Traditional Chinese, mainly used in Taiwan * GB2312 - Simplified Chinese, national standard character set * BIG5-HKSCS - Big5 with Hong Kong extensions * Shift_JIS - Japanese * EUC-JP - Japanese * MacRoman - Character set used by Mac operating system Note: In PHP versions prior to 5.4, unrecognized character sets were ignored and replaced by ISO-8859-1. Starting from PHP 5.4, unrecognized character sets are ignored and replaced by UTF-8.
double_encode Optional. A boolean value that specifies whether to encode existing HTML entities. * TRUE - Default. Will convert each entity. * FALSE - Will not encode existing HTML entities.

Technical Details

Return Value: Returns the converted string. Returns an empty string if string contains invalid encoding, unless ENT_IGNORE or ENT_SUBSTITUTE flags are set.
PHP Version: 4+
Changelog: In PHP 5, the default value of the character-set parameter was changed to UTF-8. In PHP 5.4, the following were added: ENT_SUBSTITUTE, ENT_DISALLOWED, ENT_HTML401, ENT_HTML5, ENT_XML1, and ENT_XHTML. In PHP 5.3, ENT_IGNORE was added. In PHP 5.2.3, the double_encode parameter was added. In PHP 4.1, the character-set parameter was added.

More Examples

Example 1

Convert some predefined characters to HTML entities:

<?php
$str = "Jane & 'Tarzan'";
echo htmlspecialchars($str, ENT_COMPAT);
echo"<br>";
echo htmlspecialchars($str, ENT_QUOTES);
echo"<br>";
echo htmlspecialchars($str, ENT_NOQUOTES);
?>

The HTML output of the above code is as follows (view source code):

<!DOCTYPE html>
<html>
<body>
Jane &amp; 'Tarzan'<br>
Jane &amp; 'Tarzan'<br>
Jane &amp; 'Tarzan'
</body>
</html>

The browser output of the above code is as follows:

Jane & 'Tarzan'

Jane & 'Tarzan'

Jane & 'Tarzan'

Run Example Β»

Example 2

Convert double quotes to HTML entities:

<?php
$str = 'I love "PHP".';
echo htmlspecialchars($str, ENT_QUOTES);
?>

The HTML output of the above code is as follows (view source code):

<!DOCTYPE html>
<html>
<body>
I love &quot;PHP&quot;.
</body>
</html>

The browser output of the above code is as follows:

I love "PHP".

Run Example Β»


PHP String Reference Manual PHP String Reference Manual

← Func String ImplodeFunc String Htmlspecialchars D β†’