Solved

Title in Facebook appears with HTML chars

Posted on 2014-01-21
3
297 Views
Last Modified: 2014-01-21
With my PHP script I'm posting in Facebook timeline. Everything fine as long as I'm posting in English. Trying to post in language with special characters (Greek in this case) I'm getting the Title/Link in HTML character set (see the attachment).

I used:
$fb_title = htmlentities($title, ENT_QUOTES, 'UTF-8');
$fb_summary = htmlentities($bodytext, ENT_QUOTES, 'UTF-8');

Open in new window

and the message appeared ok. The title also appeared ok when I appended it to the message. But when the title is the link, it appears with characters like α etc etc.
timeline-greek.jpg
0
Comment
Question by:NickTERiS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 110

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 39796441
Looks like FB is making the same translation you are.  They've probably had some issues with people who did not know that you need to entitize output before sending it to the browser, or perhaps with people who did not understand character sets.  This is a security issue; if you don't escape the output you're at risk of JavaScript injection and a resulting attack on the client machine.  Facebook cannot afford to become an attack vector.

Please see: http://www.laprbass.com/RAY_temp_nickteris.php

<?php // RAY_temp_nickteris.php
error_reporting(E_ALL);

// IF YOU ALREADY HAVE ENTITIES
$title = '&Alpha;&delta;&omega;&sigma;';
echo $title;

// AND YOU ENTITIZE AGAIN...
$fb_title = htmlentities($title, ENT_QUOTES, 'UTF-8');
echo $fb_title;

Open in new window

Executive summary: Let Facebook do the entitize process and leave it out of your code.  You might want to include a prominent comment explaining why you're not using the traditional and expected escape sequence.
0
 

Author Comment

by:NickTERiS
ID: 39796729
This is that I've already did :) But really appreciate your help.
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 39796820
Thanks for the points and thanks for using EE, ~Ray
0

Featured Post

[Webinar] Code, Load, and Grow

Managing multiple websites, servers, applications, and security on a daily basis? Join us for a webinar on May 25th to learn how to simplify administration and management of virtual hosts for IT admins, create a secure environment, and deploy code more effectively and frequently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question