简体   繁体   中英

PHP is there a built-in function to render ' as ’ etc

is there a built-in function to render characters like ' as identities (') ?

also, is it unsafe to output raw characters (eg ') in the html?

thanks.

Try htmlentities() :

htmlentities("'", ENT_QUOTES, 'UTF-8', true);

Regarding your second question, yes (as a general rule).

To output user input / raw input you should always use htmlspecialchars() at least.

You're looking for htmlentities() . It will translate any character that has a HTML character entity equivalent.

It is not unsafe to output raw characters in your HTML, although there are a couple of caveats to that:

  • It could produce invalid HTML if you are outputting them inside document entities or attributes.
  • If it is user input, then it needs to be sanitized to prevent possible cross-site scripting (XSS) attacks.

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM