Tutorialsplane

PHP htmlentities function


PHP htmlentities function : This function coverts all applicable characters to the HTML entities. It accepts string as input parameter and returns the encoded string.

Let us understand the htmlentities with very basic example – Suppose you have a form and it has a text field textarea and user posts data using this field and you want print each and everything user submits using the form textarea. Suppose he enters raw data like this – <b>Hi its me John</b> now what would happen when user see form data on browser it will show something bold string like this – Hi its me John which is wrong because it should show output like this – <b>Hi its me John</b>.Now to fix this problem convet HTML tags to its equivalent entities. This is done by using the function htmlentities().

for example if you use this –

$string = "<b>Hi its me John</b>";
echo htmlentities($string);

Equivalent html entities will be –

This will print the output by converting them in entities like – <b>Hi its me John</b<

.

Note : This function is identical to function htmlspecialchars() almost in all ways except the characters which have HTML entity character entity equivalents are converted to entities.

We are going to explain this function with example and demo.


PHP htmlentities function Syntax

Here is syntax for htmlentities-

:

htmlentities(string,flags,char-set,double_encode);

Input Parameters

Desription about input parameters of htmlentities-

Return Parameter

Returns the encoded string on the basis of the flags,char-set and double_encode parameters which are optional but plays and important role while encoding process. Here are some example which will make the things more clear about the PHP htmlentities function.

PHP htmlentities function

Here is very basic example of htmlentities function-

html entities function Example:

$string = "<tutorialsplane learn="" easy="">. Learn 'More' here <b>now</b>";
echo htmlentities($string);

</tutorialsplane>

Try It »

If you run the above example it produce the following output as below-

Note : The above image is HTML output. For Browser output click the below try button.

Try It »

The browser output will be something like this-


More Examples

Let’s have look over more example and demo here.


htmlentities Example with ENT_COMPAT,ENT_QUOTES & ENT_NOQUOTES

htmlentities Example:

$string = "'Tutorialsplane Learn Easy!' &  Learn 'More' here <b>now</b>";
echo htmlentities($string,ENT_COMPAT)."<br/>";
echo htmlentities($string,ENT_QUOTES )."<br/>";
echo htmlentities($string,ENT_NOQUOTES)."<br/>";

Try It »

The HTML Output of the above example is –

The Browser Output of the above example is –

If You want reverse of this function just use –

Learn More – html_entity_decode function


Secure Your Application Using htmlentities

Let us take a very important example which every developer should know and use while working with input fields and storing them in database and displaying them on front end.


Consider you have used htmlentities while displaying data in front end and someone inserts a few lines of javascript to redirect to some other location such as –

Unsafe Data in Html:


What would happen if this code is not encoded ?? it will consider that you have inserted above piece of javascript in html which will always redirect to the given url instead of printing the above code.

To fix the above problem use htmlentites which convet HTML tags to entities and will print instead on redirecting.

If you use html entities it will convert the above code as –

So now your html data is secure which will now print the below data instead of redirecting to another url-