Link to home
Create AccountLog in
Avatar of kadin
kadinFlag for United States of America

asked on

htmlentities() Is this working?

I thought htmlentities removed special characters that could be used in a programming language like JavaScript and HTML. When I run this script, it doesn't remove anything. Why not? Is there something I am not understanding? Thanks.

<?php

$dirty = '1234 text name <div> / , ; " \' @ ! ^ & ( ) { }';

$clean = trim(htmlentities($dirty, ENT_QUOTES));

echo $clean;

?>

Open in new window

Avatar of Beverley Portlock
Beverley Portlock
Flag of United Kingdom of Great Britain and Northern Ireland image

Remember that what you see on the screen is how the browser deals with the text it is given. the source produced looks like this

1234 text name &lt;div&gt; / , ; &quot; &#039; @ ! ^ &amp; ( ) { }

press CTRL-U in FF
Avatar of kadin

ASKER

Thanks for your response.

Are you saying that I need not worry because the string is indeed being cleaned and then reprinted just the way it was typed in the first place?

I am trying to clean email that will be sent. When I retrieve the email, I see the same special characters that I typed. Are they really being cleaned behind the scenes? Thanks.
ASKER CERTIFIED SOLUTION
Avatar of Beverley Portlock
Beverley Portlock
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
Create an account to see this answer
Signing up is free. No credit card required.
Create Account
Avatar of kadin

ASKER

I learned something today. Thanks.
Think about this then..... when you next see a webpage, look at its source HTML and remember that what gets sent to a browser is the HTML instructions on how to draw the page for a user to see. The original HTML is never seen under normal circumstances. Everything a browser shows you is an interpretation of the drawing instructions (aka HTML) it received from the server.

The web is, in one sense, a big fake. Quite a thought, isn't it?

;-)