Search code examples
phphtml-entitieshtmlspecialchars

PHP - htmlspecialchars

I am attempting to use "htmlspecialchars" function to sanitize URLs. Below is the code:

$new = htmlspecialchars("<a href='test'>Test</a>", ENT_QUOTES);
echo $new;

The anticipated output should be:

&lt;a href=&#039;test&#039;&gt;Test&lt;/a&gt;

However what I get is:

<a href='test'>Test</a>

It is not actually stripping the special characters at all. Am I doing something incorrectly? The above example is a copy and paste directly from php.net.

I am using PHP Version 5.4.8.

Solution

  • When I run that, the output I get is:

    &lt;a href=&#039;test&#039;&gt;Test&lt;/a&gt;

    Either:

    • Your PHP interpretor is broken
    • You are looking at the rendered HTML and not the HTML source