Resolution of the conversion problem of HTML tags in PHP

When writing PHP , many friends will inevitably encounter the need to escape the HTML tag storage. such as database, XML files. When it is stored, it needs to be translated into HTML output . There are many conversion functions written by people on the Internet, which are very long and difficult to understand. In fact, PHP has already come with such a function. You don't have to write it yourself.

The following describes the two functions respectively.

1.htmlentities () function:

Description: Converts HTML tags to special characters. For example, convert <script> to "&lt;script&gt;"

Example:

[PHP]View Plaincopy

2. An imaginary article submission from a bad user
4. It would redirect anyone to example.com if the code was run in a browser
6. $userInput = "I am going to hax0r your site, hahaha!
8. <script type=&apos;text/javascript&apos;>
10. Window.location = &apos;http://www.example.com/&apos;
12. </script>&apos; ";
16. Lets make it safer before we use it
18. $userInputEntities = Htmlentities ($userInput);
22. Now we can display it
24. Echo $userInputEntities;

Since the most recent CSDN control is garbage, change the above $apos to single quotes. ---call!

When the above statement executes, the following results are generated

[HTML]View Plaincopy

1. I am going to hax0r your site, hahaha!
2. <script type=&apos;text/javascript&apos;>
3. Window.location = &apos;http://www.88web.org/&apos;
4. </script>&apos;

2.html_entity_decode () function

Description: Converts a string that is escaped from the htmlentities () function to an HTML tag.

Example:

[PHP]View Plaincopy

1. $orig = "I&apos;ll/" walk/"the <b>dog</b> Now";
3. $a = htmlentities ($orig);
5. $b = Html_entity_decode ($a);
7. echo $a; I'll "Walk" the <b>dog</b> Now
9. Echo $b; I'll "Walk" the <b>dog</b> Now

Reprinted from: http://blog.sina.com.cn/s/blog_a144530d0101d6li.html

Resolution of the conversion problem of HTML tags in PHP