What is the easiest way to Html encode in PHP?
By encode, do you mean: Convert all applicable characters to HTML entities?
htmlspecialchars or
htmlentities
You can also use strip_tags if you want to remove all HTML tags :
strip_tags
Note: this will NOT stop all XSS attacks
Encode.php
<h1>Encode HTML CODE</h1>
<form action='htmlencodeoutput.php' method='post'>
<textarea rows='30' cols='100'name='inputval'></textarea>
<input type='submit'>
</form>
htmlencodeoutput.php
<?php
$code=bin2hex($_POST['inputval']);
$spilt=chunk_split($code,2,"%");
$totallen=strlen($spilt);
$sublen=$totallen-1;
$fianlop=substr($spilt,'0', $sublen);
$output="<script>
document.write(unescape('%$fianlop'));
</script>";
?>
<textarea rows='20' cols='100'><?php echo $output?> </textarea>
You can encode HTML like this .
Try this:
<?php
$str = "This is some <b>bold</b> text.";
echo htmlspecialchars($str);
?>
I searched for hours, and I tried almost everything suggested.
This worked for almost every entity :
$input = "āžšķūņrūķīš ○ àéò ∀∂∋ ©€ ♣♦ ↠ ↔↛ ↙ ℜ℞";
echo htmlentities($input, ENT_HTML5 , 'UTF-8');
result :
āžšķūņrūķīš ○ àéò ∀∂∋ ©€ ♣♦ ↠ ↔↛ ↙ ℜ℞rx;
Related
I have got a string contain with html tags.I want to print it using php , but it print with html tags.How to print somethings like this?
String :
<p style="color:#f00">HTML basic test Text</p>
Want to show :
HTML basic test Text
currently I show the result : <p style="color:#f00">HTML basic test Text</p>
Have you any solution?
Like CBroe said, you can use strip_tags() function
<?php
$text = '<p style="color:#f00">HTML basic test Text</p>';
echo strip_tags($text);
?>
AFAICT an echo should do it. If I need some HTML code to be generatet with php I echo it like:
<?php
echo '<p>Hallo world</p>';
?>
Worked for me, I never used print for that purpose.
I'm trying to populate a form with some data that contains special characters (e.g. single quote, double quote,<,>,?,","".~,,!##$%^&*()_+}{":?<<>,./;'[.] etc) :
<input type="text" name="message" size="200" maxlength="200"
value =<?php echo $message;?>>
However, $message, which comes from a MySQL table, isn't displayed correctly - any HTML output that should be in $message is broken.
How do I do this properly?
This will prevent your tags from being broken by the echo:
<?php echo htmlentities($message); ?>
If you want to display it
echo htmlspecialchars($messge, ENT_QUOTES, 'UTF-8');
That's what I usually do.
Since the answers are difference:
htmlentities-vs-htmlspecialchars is worth checking out.
I normally use the following code, see htmlspecialchars
<?php echo htmlspecialchars($videoId, ENT_QUOTES | ENT_HTML5); ?>
whats wrong with using a constant ?
<?php
define(foo,'<,>,?,","".~,,!##$%^&*()_+}{":?<<>,./;');
$foo2="'[.]";
echo constant('foo').$foo2;
?>
you need to put the '[.]' into a variable, as a constant will break on a ' (single quote).
PHP echo function is not outputing strings in the format of html tag like <something. somethong_else>, may be because it is like HTML tags, is there any way to display it?
echo 'hi<h.i>';
Eg : this displays as
echo 'hi';
try using
<?php
echo htmlentities('hi<h.i>');
?>
You need to encode the string if you what the text to appear
echo htmlentities("hi<h.i>");
There is a thing called HTML. Where strings in <something.somethong_else> format have some meaning. Go figure.
PHP can echo out tags.
Example
<?php
echo '<p>Hello World</p>';
?>
Keep in mind, the PHP will echo where it is called. So you can also do this
<p>
<?php echo 'Hello World'; ?>
</p>
UPDATE
Since new information is sent. You can make < into < and > into > Look at HTML entities.
You probably need to use htmlentities(), try this:
echo htmlentities('hi<h.i>');
I have a post form with a text area in it. When I save the text from my textarea into mysql db, the text is saved with some white spaces before and after my actual test.
Why is happening this? How can I overcome this?
Thanks in advance
There's probably whitespace in your markup. For example:
<textarea>
<?php echo ($textareavalue); ?>
</textarea>
You could either remove the whitespace
<textarea><?php echo ($textareavalue); ?></textarea>
Or you could trim() the input before storing it to the database
$_POST ['textareavalue'] = trim ($_POST ['textareavalue']);
If you have code like this:
<textarea name="foobar">
<? echo $contents; ?>
</textarea>
Then you are adding whitespace to the value before/after the <? ... ?> tags (note, php does try to remove whitespace in some situations, so sometimes you can get away with it).
The fix is to do this:
<textarea name="foobar"><? echo $contents; ?></textarea>
you can use trim function before inserting into database for perticular that post data...
$text_area = trim($_POST['text_area']);
it will remove spaces from begining and end of the string...
I am posting this content in the Editor.
> <div class="faq"><ul><li><span class="q">What is a teest?</span>
> <span class="a">A test.</span><div class="spacer"></div></li> </ul></div>
It is saving in the following format.
<p><div class=\\\"faq\\\"><ul><li><span class=\\\"q\\\">What is a teest?</span> <br /><span class=\\\"a\\\">A test.</span><div class=\\\"spacer\\\"></div></li> </ul></div></p>
So the output is not showing perfectly. I have added stripslashes and addslashes. Even it doesn't work.
What is the best way to resolve this issue?
Thanks in advance...
That's ugly..
You need stripslashes() twice, strip_tags() and htmlspecialchars_decode(), if you want working HTML code.
$html = '<p><div class=\\\"faq\\\"><ul><li><span> ...';
$html = htmlspecialchars_decode(strip_tags(stripslashes(stripslashes( $html ))));
echo $html;
This will print:
<div class="faq"><ul><li><span class="q">What is a teest?</span> ...