htmlentities not working on single quote
php,html-entities,htmlspecialchars
It is working. You are outputting Bob's House (or similar). But since you're in a browser, it sees the ' and replaces it with '. Want proof? Right-click and View Source. More proof? echo strlen($test) . " -- " . strlen(htmlentities($test,ENT_QUOTES));...
Execute htmlspecialchars on a multi level array
php,arrays,loops,htmlspecialchars
You can use the array_walk_recursive() function - http://php.net/manual/en/function.array-walk-recursive.php array_walk_recursive($view['data'], function(&$item) { $item = htmlspecialchars($item); }); ...
Un-Escaping XML encoded characters
php,xml,htmlspecialchars,xml-entities
try this: html_entity_decode("your_string") ...
output data from database using htmlspecialchars() that has been filtered using filter_input()
php,security,mysqli,xss,htmlspecialchars
I am using filter_input() to filter any data that comes from user before inserting into database. This is a bad practice. Do not mangle your data before you insert it into a database. It's 2015; don't sanitize, use prepared statements instead. $db = new \PDO( 'mysql:host=localhost;dbname=mydatabase;charset=UTF-8', $username, $password );...
How to store input text value or text area value with & symbol and special characters? [closed]
php,mysql,string,special-characters,htmlspecialchars
There is nothing special about the & character in a string in php. The only way you can get the result you get (everything after the & is not stored...), is when you send the data to your php script and you are building the data string manually without encoding...
htmlspecialchars(); don't work
If you want the browser to display the special characters you should write something like this: <?php $test = htmlspecialchars(str_replace(array("'", "\""), "", htmlspecialchars("<a>w3s.com</a>"))); echo $test; ?> Output: <a>w3s.com</a> This way you escape the special characters in order to let the browser draw them If you want to see HTML entities...
Why doesn't htmlspecialchars convert quotes inside an input value?
You can look the page source and you will see that the value is ' " / /n /t <> It is ok to use it in your case Already answered here: How to properly escape html form input default values in php?...
Circumventing htmlspecialchars(addslashes(input)) for HTML/JavaScript injection
php,html,htmlspecialchars,addslashes
addslashes is irrelevant to XSS (and there is almost always something better in places where it is actually useful). htmlspecialchars is not an unsafe approach. It is just insufficient by itself. htmlspecialchars will protect you if you put the content as the body of a "safe" element. It will protect...
Ionic - meta charset doesn't work
angularjs,cordova,special-characters,ionic,htmlspecialchars
I solved it myself. I changed the file encodings in IntelliJ (setting -> editor -> file encodings).
check whether any html tags entered in textarea using javascript
javascript,jquery,html,textarea,htmlspecialchars
To check you can create an element in the DOM, inject the comment into it and use [element].getElementsByTagName('*') to check for any html element. If its length is not 0, there are html elements in the comment. Something like: document.querySelector('#check').addEventListener('click', doCheck); function doCheck(e) { var chkEl = document.createElement('div'), isok, report,...
String with Æ Ø or Å is removed when using htmlspecialchars or htmlentities
You can specify a third parameter to htmlspecialchars() which changes the character set. This works, for example: echo htmlspecialchars('Peter Mørk',null,'ISO-8859-1'); ...
Javascript .replace on Euro symbol (special characters)
javascript,replace,htmlspecialchars
Simply change your updateCurrency function for this simpler one and you'll see that € and £ are replaced (when switching between currencys): function updateCurrency(elem){ if(elem.value === 'sterling'){ var newCurrency = '£'; var oldCurrency = '€'; } else { var newCurrency = '€'; var oldCurrency = '£'; } var maxValue =...