Is there a built-in function to render characters like ' as identities (')?
Also, is it unsafe to output raw characters (e.g. ') in the HTML?
Thanks.
Try htmlentities():
htmlentities("'", ENT_QUOTES, 'UTF-8', true);
Regarding your second question, yes (as a general rule).
To output user input / raw input you should always use htmlspecialchars() at least.
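The two functions named above, side by side on one constructed input; this is an added example, not part of the original answers. The helper name `e()` and the sample string are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not from the answers): escape a value for HTML text
// or for a quoted attribute. ENT_QUOTES covers both " and '. ENT_SUBSTITUTE
// replaces invalid UTF-8 sequences with U+FFFD; without it the function
// returns an empty string when the input is not valid UTF-8.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input containing the characters in question.
$input = "O'Reilly <b>& \"friends\"</b> café";

// ENT_COMPAT was the default flag before PHP 8.1. It escapes & < > and "
// but leaves ' untouched, so the result is not safe to place inside a
// single-quoted attribute.
echo htmlspecialchars($input, ENT_COMPAT, 'UTF-8'), "\n";

// ENT_QUOTES additionally converts ' to &#039;.
echo e($input), "\n";

// htmlentities() goes further and converts every character that has a
// named entity (here the "é"), which is not needed for safety when the
// page itself is served as UTF-8.
echo htmlentities($input, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'), "\n";

// Typical use in a template: escape at the point of output, inside quotes.
printf("<input type='text' name='author' value='%s'>\n", e($input));
```

Passing the flags and charset explicitly keeps the output identical across PHP versions, since the default flags changed in PHP 8.1.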
You're looking for htmlentities(). It will translate any character that has an HTML character entity equivalent.
It is not unsafe to output raw characters in your HTML, although there are a couple of caveats to that: