0

I have read their documentation, but I still don't get when to use each of them and their difference.

Let's consider the situation of having a general string in a variable and needing to echo it inside HTML code. If it has any HTML markup in it, I want it converted to HTML code (< replaced by &lt;, & replaced by &amp;. If it has UTF special chars that aren't available in HTML code, it's replaced by HTML number ( replaced by &#8226;).

What's the best function for that?

A harder need: unprintable chars, like \n, char(10), char(13), etc, be replaced by their number code, in the case the string is printed inside <pre> or any special textarea so that the string be dumped.

Hikari
  • 3,797
  • 12
  • 47
  • 77
  • 1
    Personally - I'd avoid `htmlentities()` it causes far more problems than it solves, just use utf-8 as your character set throughout (from the database tables, the connector, the application controllers and the views). `htmlspecialchars()` is perfect for just escaping html. If you need something more, try a library like htmlpurifier : http://htmlpurifier.org/ – CD001 Oct 25 '13 at 14:44
  • google.com difference between such and such: It is easier to search than a make a new post about it. Already asked: http://stackoverflow.com/questions/46483/htmlentities-vs-htmlspecialchars – Serhat Akay Oct 25 '13 at 14:45

1 Answers1

1

htmlentities is a workaround for not having set the character type of the document properly. htmlspecialchars is the correct function to use for merely writing text into an HTML document.

As to your second question, I think you're looking for addcslashes.

Boann
  • 48,794
  • 16
  • 117
  • 146