• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 309
  • Last Modified:

htmlentities() does NOT work with html entities

Hello,

I need to clean user-inputed text so I use htmlentities() however it does NOT work if html entities have already been provided.

Here is an example:

         echo htmlentities("Copyright © 2007    CompanyName®");

How should I solve this?
0
hankknight
Asked:
hankknight
1 Solution
 
hernst42Commented:
To have a save function you will need to use a white list. First use htmlentities on the string, then replace valid strings with their original entitiy
$str = htmlentities("Copyright © 2007    CompanyName®");
$str =strtr($str, array('©', ' '), array('©', ' '));
Other thing might be to use a regular rexpression, but don't know if this might allow tricky strings to be unescaped:
$str = preg_replace('/&(\w+);/', '&\1;', $str);
0
 
Vel EousResearch & Development ManagerCommented:
htmlentities only takes the HTML tags and replaces them with their markup eqivalents.

Try using the PHP strip_tags method:

http://uk3.php.net/strip-tags

0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now