Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

PHP

Craig Salmond
PLUS
Craig Salmond
Courses Plus Student 7,438 Points
Posted by Craig Salmond
Craig Salmond
Courses Plus Student 7,438 Points

htmlspecialchars() Not Outputting Entities

I've been trying to get the htmlspecialchars() function to escape output in the Enhancing a Simple PHP Application. No matter what I do, I can't get it to output HTML entities and I think I'm going crazy because of it! As a simple test, I created a variable and I try to echo it right after that. 

<?php
    $someVar = "<p>Here's a <b>bold</b> tag inside a <em>paragraph</em>tag</p>";
    echo htmlspecialchars($someVar); 
?>

Visually I see the output exactly as it's declared in teh $someVar assignment and when I View Source, it still looks exactly the same as I declared it! Am I missing something?

Craig Salmond
Craig Salmond
Courses Plus Student 7,438 Points
Craig Salmond
Craig Salmond
Courses Plus Student 7,438 Points

I'm using:

Apache/2.2.25 (Unix) mod_ssl/2.2.25 OpenSSL/0.9.8y DAV/2 PHP/5.5.3 PHP Version 5.5.3 MAMP (OS X — Mavericks)

One unique thing about my setup is that I have my entire MAMP folder inside my Dropbox with a symbolic link to the MAMP folder in my Dropbox. As far as I can tell, it hasn't caused any problems, though. I could be wrong about that

3 Answers

Craig Salmond
PLUS
Craig Salmond
Courses Plus Student 7,438 Points
Craig Salmond
Craig Salmond
Courses Plus Student 7,438 Points

In case anybody sees this, I thought I'd post the answer as I recently figured out what I was doing wrong. When I was inspecting the element, Safari by default will show you the HTML nodes view, not the actual source code. In the HTML nodes view, the HTML entities are not displayed but converted into the the corresponding characters (i.e. &lt; = <) but in the actual source code, the actual HTML entities are present. So if you have this issue, just be sure that you're looking at the source code and not the node view.

Chris Shaw
Chris Shaw
26,676 Points
Chris Shaw
Chris Shaw
26,676 Points

I tested the above on my local server and it worked as expected, could you explain a bit about your dev environment. E.g. PHP version, Apache or IIS etc...

Craig Salmond
PLUS
Craig Salmond
Courses Plus Student 7,438 Points
Craig Salmond
Craig Salmond
Courses Plus Student 7,438 Points

I think I may have found an answer, in case anybody else runs into this. I used this as the html string below and then I used the var_dump() method on that string.

// count is 37 without encoding
$clean = htmlspecialchars('</textarea><p>Testing <b>BOLD</b></p>');

// output on screen
// string(67) "</textarea><p>Testing <b>BOLD</b></p>"

// output encoded (67 chars)
// &lt;/textarea&gt;&lt;p&gt;Testing &lt;b&gt;BOLD&lt;/b&gt;&lt;/p&gt;

The 67 in the line above is what the character count is when the string is encoded. I can't get Chrome or Safari to show the actual HTML entities, but at least I'm not crazy, or at least, I think I'm not crazy