Solved

htmlentities() Is this working?

Posted on 2011-02-12
5
490 Views
Last Modified: 2013-12-13
I thought htmlentities removed special characters that could be used in a programming language like JavaScript and HTML. When I run this script, it doesn't remove anything. Why not? Is there something I am not understanding? Thanks.

<?php

$dirty = '1234 text name <div> / , ; " \' @ ! ^ & ( ) { }';

$clean = trim(htmlentities($dirty, ENT_QUOTES));

echo $clean;

?>

Open in new window

0
Comment
Question by:kadin
  • 3
  • 2
5 Comments
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 34880476
Remember that what you see on the screen is how the browser deals with the text it is given. the source produced looks like this

1234 text name &lt;div&gt; / , ; &quot; &#039; @ ! ^ &amp; ( ) { }

press CTRL-U in FF
0
 

Author Comment

by:kadin
ID: 34880494
Thanks for your response.

Are you saying that I need not worry because the string is indeed being cleaned and then reprinted just the way it was typed in the first place?

I am trying to clean email that will be sent. When I retrieve the email, I see the same special characters that I typed. Are they really being cleaned behind the scenes? Thanks.
0
 
LVL 34

Accepted Solution

by:
Beverley Portlock earned 500 total points
ID: 34880522
The string is converted into HTML entities which the browser converts back for display purposes. The string is in the correct format but no-one  wants to see #039;here is a single quoted string#039; so the browser shows them 'here is a single quoted string' instead, but what you are seeing is not what is actually there.

Always check the HTML source, not what you see.
0
 

Author Closing Comment

by:kadin
ID: 34880531
I learned something today. Thanks.
0
 
LVL 34

Expert Comment

by:Beverley Portlock
ID: 34880539
Think about this then..... when you next see a webpage, look at its source HTML and remember that what gets sent to a browser is the HTML instructions on how to draw the page for a user to see. The original HTML is never seen under normal circumstances. Everything a browser shows you is an interpretation of the drawing instructions (aka HTML) it received from the server.

The web is, in one sense, a big fake. Quite a thought, isn't it?

;-)

0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Display images from mysql blob type (Not working) 9 40
Read a remote csv file from a https URL 8 47
Log in through ID 5 17
Wordpress Query 5 25
Things That Drive Us Nuts Have you noticed the use of the reCaptcha feature at EE and other web sites?  It wants you to read and retype something that looks like this.Insanity!  It's not EE's fault - that's just the way reCaptcha works.  But it is …
Build an array called $myWeek which will hold the array elements Today, Yesterday and then builds up the rest of the week by the name of the day going back 1 week.   (CODE) (CODE) Then you just need to pass your date to the function. If i…
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question