reverse htmlspecialchars
Use htmlspecialchars_decode()
<?php
$str = "<p>this -> "</p>\n";
echo htmlspecialchars_decode($str);
// note that here the quotes aren't converted
echo htmlspecialchars_decode($str, ENT_NOQUOTES);
?>
Reference - PHP Official Doc How to convert htmlspecialchars into normal text?
Use the html_entity_decode()
function.
It decodes ALL html entities.
DO NOT USE htmlspecialchars_decode()
!!! It won't work for things like A
.
Try this:
echo htmlspecialchars_decode('A'), html_entity_decode('A');
It should output AA
.Documentation
What is the HtmlSpecialChars equivalent in JavaScript?
There is a problem with your solution code--it will only escape the first occurrence of each special character. For example:
escapeHtml('Kip\'s <b>evil</b> "test" code\'s here');
Actual: Kip's <b>evil</b> "test" code's here
Expected: Kip's <b>evil</b> "test" code's here
Here is code that works properly:function escapeHtml(text) {
return text
.replace(/&/g, "&")
.replace(/</g, "<")
.replace(/>/g, ">")
.replace(/"/g, """)
.replace(/'/g, "'");
}
Update
The following code will produce identical results to the above, but it performs better, particularly on large blocks of text (thanks jbo5112).function escapeHtml(text) {
var map = {
'&': '&',
'<': '<',
'>': '>',
'"': '"',
"'": '''
};
return text.replace(/[&<>"']/g, function(m) { return map[m]; });
}
htmlspecialchars() is causing a variable to return blank data?
From the website you linked, it is obvious that the page itself uses UTF-8 for character encoding (<meta charset="UTF-8">
). It seems that the database from which you fetch your data uses a character encoding that is not equal to the ini_get("default_charset")
value. If you get the encoding wrong, htmlspecialchars
will return the empty string, which is what you're seeing here.
The solution is to be consistent in (or explicit about) which character encoding you're using. This is a lot simpler when you use one character encoding for everything. Let's use UTF-8 as a good example:
- Tell the browser you're using UTF-8. You already do that with the meta tag, so that's good.
- Tell PHP you're using UTF-8. Make sure that php.ini sets
default_charset
toUTF-8
. - Tell MySQL you're using UTF-8. Make sure the tables in your database use UTF-8 as their encoding -edit- or tell the MySQL interface to use UTF-8.
mb_convert_encoding
to convert the strings between the different character encodings that the browser is expecting, that PHP is assuming, and that MySQL uses to store and serve text. How to convert html special chars to ordinary HTML?
How to decode HTML entities using jQuery? and jQuery .appendTo
method worked for me.
htmlspecialchars causing text to disapear
I understand now why it's returning a zero-length string. Sorry for asking this question. I should have researched more before posting. Anyway, the answer is the following:
On the PHP manual page for htmlspecialchars:
Then I ask myself what is "invalid" about this string? On the Wiki page for UTF-8 it gives a good diagram of UTF-8 encoding. All codepoints representing "plain text ASCII" would be 0-127 (the MSB in the byte is always 0).If the input string contains an invalid code unit sequence within the given encoding an empty string will be returned, unless either the ENT_IGNORE or ENT_SUBSTITUTE flags are set.
If a byte's MSB is 1 (decimal 128 to 255) it tells a UTF-8 compliant parser that the codepoint consists of a multi-byte chain. And the next byte's first two Most-Significant-Bits must be a 1 followed by a 0.
Obviously in this string, there is a case where one byte is over 127 and the following byte does not begin with a 1 & 0. Therefore it is invalid UTF-8 encoding.
Thanks for this SO post for the resolution, which in my opinion, is to use the ENT_SUBSTITUTE flag (or I suppose ENT_IGNORE if you are sure that deleting these non-conforming bytes won't be a security issue).
How to reverse htmlentities()?
If you use htmlentities()
to encode, you can use html_entity_decode()
to reverse the process:
html_entity_decode()
Convert all HTML entities to their applicable characters.e.g.html_entity_decode() is the opposite of htmlentities() in that it converts all HTML entities in the string to their applicable characters.
$myCaption = 'áéí';
//encode
$myCaptionEncoded = htmlentities($myCaption, ENT_QUOTES);
//reverse (decode)
$myCaptionDecoded = html_entity_decode($myCaptionEncoded);
Related Topics
Difference Between Buffered and Unbuffered Queries
Why Use Output Buffering in PHP
Reverse Letters in Each Word of a String Without Using Native Splitting or Reversing Functions
Add Some Attribute Values to Woocommerce Variable Product Title from Chosen Variation
Change Mime Type of Output in PHP
Using Moodle Create Users and Enroll Them in Courses via SQL
Php: Require Path Does Not Work for Cron Job
Moving Array Element to Top in PHP
How to Remove Backslash on JSON_Encode() Function
How to Automatically Read in Calculated Values with PHPexcel
Mongodb: Benefit of Using Objectid VS a String Containing an Id
PHP Uploading Files - Image Only Checking
Cyrillic Transliteration in PHP
How to Detect If a Database Table Exists with Laravel
Merging Overlapping Ranges in PHP Arrays
Laravel 4.2 Says My Application Is in Production. How to Turn This Off