Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

htmlentities() Is this working?

Posted on 2011-02-12
5
Medium Priority
?
494 Views
Last Modified: 2013-12-13
I thought htmlentities removed special characters that could be used in a programming language like JavaScript and HTML. When I run this script, it doesn't remove anything. Why not? Is there something I am not understanding? Thanks.

<?php

$dirty = '1234 text name <div> / , ; " \' @ ! ^ & ( ) { }';

$clean = trim(htmlentities($dirty, ENT_QUOTES));

echo $clean;

?>

Open in new window

0
Comment
Question by:kadin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 34880476
Remember that what you see on the screen is how the browser deals with the text it is given. the source produced looks like this

1234 text name &lt;div&gt; / , ; &quot; &#039; @ ! ^ &amp; ( ) { }

press CTRL-U in FF
0
 

Author Comment

by:kadin
ID: 34880494
Thanks for your response.

Are you saying that I need not worry because the string is indeed being cleaned and then reprinted just the way it was typed in the first place?

I am trying to clean email that will be sent. When I retrieve the email, I see the same special characters that I typed. Are they really being cleaned behind the scenes? Thanks.
0
 
LVL 34

Accepted Solution

by:
Beverley Portlock earned 2000 total points
ID: 34880522
The string is converted into HTML entities which the browser converts back for display purposes. The string is in the correct format but no-one  wants to see #039;here is a single quoted string#039; so the browser shows them 'here is a single quoted string' instead, but what you are seeing is not what is actually there.

Always check the HTML source, not what you see.
0
 

Author Closing Comment

by:kadin
ID: 34880531
I learned something today. Thanks.
0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 34880539
Think about this then..... when you next see a webpage, look at its source HTML and remember that what gets sent to a browser is the HTML instructions on how to draw the page for a user to see. The original HTML is never seen under normal circumstances. Everything a browser shows you is an interpretation of the drawing instructions (aka HTML) it received from the server.

The web is, in one sense, a big fake. Quite a thought, isn't it?

;-)

0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

3 proven steps to speed up Magento powered sites. The article focus is on optimizing time to first byte (TTFB), full page caching and configuring server for optimal performance.
Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question