Page 1 of 1

HTML entities in email

Posted: Tue Apr 15, 2008 7:07 pm
by gr8dane
I'm using values entered in a form to send an email using the mail() function. When the form is posted, I apply the htmlspecialchars() function to the values. The problem comes when I send the email: The HTML entities don't get translated in the email. I've considered decoding the values before I use them in the email, but wouldn't that open me up to the security problems the encoding was meant to avoid?

Re: HTML entities in email

Posted: Fri Apr 25, 2008 11:41 pm
by Chris Corbyn
Are you sending the email in plain text or HTML format? You need a Content-Type header in your email.

Re: HTML entities in email

Posted: Sat Apr 26, 2008 12:19 am
by gr8dane
Plain text.

Re: HTML entities in email

Posted: Sat Apr 26, 2008 4:50 am
by Chris Corbyn
gr8dane wrote:Plain text.
So what do you expect to happen when you send HTML in plain text?

EDIT | Security issues would be eliminated if you specify the correct charset in your content-type header.

Re: HTML entities in email

Posted: Thu May 08, 2008 5:44 am
by kb0000
You should include HTML charset in the the header