When writing PHP , many friends will inevitably encounter the need to escape the HTML tag storage. such as database, XML files. When it is stored, it needs to be translated into HTML output . There are many conversion functions written by people on the Internet, which are very long and difficult to understand. In fact, PHP has already come with such a function. You don't have to write it yourself.
The following describes the two functions respectively.
1.htmlentities () function:
Description: Converts HTML tags to special characters. For example, convert <script> to "<script>"
Example:
[PHP]View Plaincopy
- An imaginary article submission from a bad user
- It would redirect anyone to example.com if the code was run in a browser
- $userInput = "I am going to hax0r your site, hahaha!
- <script type='text/javascript'>
- Window.location = 'http://www.example.com/'
- </script>' ";
- Lets make it safer before we use it
- $userInputEntities = Htmlentities ($userInput);
- Now we can display it
- Echo $userInputEntities;
Since the most recent CSDN control is garbage, change the above $apos to single quotes. ---call!
When the above statement executes, the following results are generated
[HTML]View Plaincopy
- I am going to hax0r your site, hahaha!
- <script type='text/javascript'>
- Window.location = 'http://www.88web.org/'
- </script>'
2.html_entity_decode () function
Description: Converts a string that is escaped from the htmlentities () function to an HTML tag.
Example:
[PHP]View Plaincopy
- $orig = "I'll/" walk/"the <b>dog</b> Now";
- $a = htmlentities ($orig);
- $b = Html_entity_decode ($a);
- echo $a; I'll "Walk" the <b>dog</b> Now
- Echo $b; I'll "Walk" the <b>dog</b> Now
Reprinted from: http://blog.sina.com.cn/s/blog_a144530d0101d6li.html
Resolution of the conversion problem of HTML tags in PHP