I am using htmlentities($data, ENT_QUOTES)
on any data fetched from database before displaying it.
Is there a way I can set the flag ENT_QUOTES
by default for htmlentities()
function, so that even if I write htmlentities($data)
it should work as htmlentities($data, ENT_QUOTES)
.
As written in the documentation of php the default is ENT_COMPAT | ENT_HTML401
ENT_COMPAT | ENT_HTML401
.
For your information I am using codeigniter framework, php5.
UPDATE 1: wrapping with a custom function as suggested by Michael could help but I have already used this everywhere in the website without ENT_QUOTES flag and was wondering if there is a way provided by php to change defaults for its functions.
UPDATE 2: I think html_escape() inbuilt function provided by codeigniter (suggested by Wesley) is the best for me so that i don't have to write my own wrapper function.
There's no way to change the default flags that I know of, but the advice given to you in the comments is absolutely the best way to approach this anyways: use a wrapper function.
Conveniently, Codeigniter has one built in already, appropriately named:
echo html_escape($string);
You can pass in arrays as well, here's what it does:
/**
* Returns HTML escaped variable
*
* @access public
* @param mixed
* @return mixed
*/
if ( ! function_exists('html_escape'))
{
function html_escape($var)
{
if (is_array($var))
{
return array_map('html_escape', $var);
}
else
{
return htmlspecialchars($var, ENT_QUOTES, config_item('charset'));
}
}
}
Just do a search for htmlentities
in your project and replace (carefully) with html_escape
. This will also provide the opportunity for you to easily make changes in the future because you can alter the function. It's a little bit of an initial time investment but well worth it.
If you are accessing the variable directly. For example: $this->model_name->variable;
Then you can use __get function in model name and process it before it is accesses from object. http://www.php.net/manual/en/language.oop5.overloading.php#object.get
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.