htmlspecialchars和htmlentities的区别

htmlspecialchars会转义预定义的html字符,如 & > < ' " htmlentities会将所有的html字符转义成实体同时影响中文。

<?php

echo htmlspecialchars($_GET['content']).'<br>';
echo '<br>';
echo htmlentities($_GET['content']);


?>
<form action="" method="get">
Content:<input type="text" name="content">
</form>
This entry was posted in php security and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *