htmlspecialchars problem

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

destiny_cores
Forum Newbie
Posts: 8
Joined: Fri Mar 17, 2006 9:05 am

Post by destiny_cores »

I tried this code:

<?php
$new = htmlspecialchars("<a href='test'>Test</a>");
echo $new; // <a href='test'>Test</a>
?>
The result should be what is in the comment, but my result is

<a href='test'>Test</a>

No change. What happened? Help me please....

Thank you
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

Are you wanting..

htmlentities();
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto

Post by John Cartwright »

You are displaying the HTML entity and not parsing the HTML tag.


If you see <a href='test'>Test</a> as your output, go to view source and you'll see you actually are displaying the HTML entity; otherwise you'd simply see Test.


FYI, htmlentities() is nearly identical to htmlspecialchars()
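
The behaviour described in the replies above, as an added example that is not part of the original posts: it compares what htmlspecialchars() sends to the browser with what the browser then displays, shows why the quote flag matters inside a single-quoted attribute, and shows where htmlentities() differs. The strings "O'Reilly" and "café <b>" are constructed sample values; decoding with html_entity_decode() stands in for the browser here.

```php
<?php
// Same string as in the question.
$input = "<a href='test'>Test</a>";

// Pass the flags explicitly: the default changed in PHP 8.1 from
// ENT_COMPAT to ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401.
$compat = htmlspecialchars($input, ENT_COMPAT, 'UTF-8'); // < > & " encoded
$quotes = htmlspecialchars($input, ENT_QUOTES, 'UTF-8'); // ' encoded as well

// This is what "view source" shows: entities, not tags.
echo "source (ENT_COMPAT): ", $compat, PHP_EOL;
echo "source (ENT_QUOTES): ", $quotes, PHP_EOL;

// The browser decodes entities for display, so the page shows the
// original markup as literal text instead of rendering a link.
$displayed = html_entity_decode($quotes, ENT_QUOTES, 'UTF-8');
echo "displayed text:      ", $displayed, PHP_EOL;
if ($displayed !== $input) {
    throw new RuntimeException('decoded text should equal the input');
}

// Attribute context: with ENT_COMPAT the single quote in the value is
// left alone and ends a single-quoted attribute early; ENT_QUOTES keeps
// the whole value inside the attribute.
$value = "O'Reilly"; // constructed sample value
printf("<input value='%s'>\n", htmlspecialchars($value, ENT_COMPAT, 'UTF-8'));
printf("<input value='%s'>\n", htmlspecialchars($value, ENT_QUOTES, 'UTF-8'));

// htmlentities() encodes every character that has a named entity,
// htmlspecialchars() only the characters with special meaning in HTML.
$text = "café <b>"; // constructed sample value
echo htmlspecialchars($text, ENT_QUOTES, 'UTF-8'), PHP_EOL;
echo htmlentities($text, ENT_QUOTES, 'UTF-8'), PHP_EOL;
```

Run it from the command line (php file.php) rather than in a browser, so the escaped output is printed as-is instead of being decoded again.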