Asked  11 Months ago    Answers:  5   Viewed   5 times

this may seem like a simple problem but I couldn't find it in the archives.

how does one reverse the effects of htmlspecialchars?

I tried something like this:

$trans_tbl = get_html_translation_table (HTML_ENTITIES);
$trans_tbl = array_flip ($trans_tbl);
$html = strtr ($html, $trans_tbl);

but it didn't work. is there a simple way to do this?

 Answers

4

Use htmlspecialchars_decode()

<?php
$str = "<p>this -&gt; &quot;</p>n";

echo htmlspecialchars_decode($str);

// note that here the quotes aren't converted
echo htmlspecialchars_decode($str, ENT_NOQUOTES);
?>

Reference - PHP Official Doc

Wednesday, July 21, 2021
 
kensil
 
5

You should only call this method when echoing the data into HTML.

Don't store escaped HTML in your database; it will just make queries more annoying.
The database should store your actual data, not its HTML representation.

Thursday, April 1, 2021
 
Terry
 
3

My guess (about lack of adoption) would be it's simply because the Filter extension is only enabled by default since v5.2, whereas the html* methods have been around longer.

Thursday, April 1, 2021
 
3

Don't worry. htmlspecialchars() is encoding the < and > characters properly. It is just that when you echo the encoded string to your computer screen, your browser helpfully decodes the characters again. If you view the page source you will see the encoded string.

Saturday, May 29, 2021
 
Angolao
 
4

Never used any of those, but they look interesting..

Take a look at Gearman as well.. more overhead in systems like these but you get other cool stuff :) Guess it depends on your needs ..

Friday, December 24, 2021
 
Only authorized users can answer the question. Please sign in first, or register a free account.
Not the answer you're looking for? Browse other questions tagged :