I am in the PHP developer course specifically in the escaping output section. I was wondering what is the best option here? {echo htmlspecialchars($email);} or {echo htmlentities($email);} I know the course say htmlspecialchars but I've read htmlentities is stronger.

I think you've probably got the right idea. You can read more about escaping special characters (http://wonko.com/post/html-escaping) and the issues with htmlspecialchars.

They are exactly the same except that 'htmlentities' will convert characters that have an HTML character code, to that code. For example 'htmlspecialchars' would output: Johnson & Johnson company 'htmlentities' would output: Johnson & Johnson company Using the ISO character code is the preferred way to write such symbols in your markup. So I personally would use 'htmlentities'.

Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

Posted October 8, 2013 10:40pm by

htmlspecialchars vs htmlentities?

I am in the PHP developer course specifically in the escaping output section. I was wondering what is the best option here?

{echo htmlspecialchars($email);}

{echo htmlentities($email);}

I know the course say htmlspecialchars but I've read htmlentities is stronger.

October 9, 2013 3:39am

They are exactly the same except that 'htmlentities' will convert characters that have an HTML character code, to that code.

For example 'htmlspecialchars' would output:

<span>Johnson & Johnson company</span>

'htmlentities' would output:

<span>Johnson &#38; Johnson company</span>

Using the ISO character code is the preferred way to write such symbols in your markup. So I personally would use 'htmlentities'.

2 Answers

October 9, 2013 7:13pm

I think you've probably got the right idea. You can read more about escaping special characters and the issues with htmlspecialchars.

October 9, 2013 11:12pm

Thanks for the link. Good article. So what should I be using? Regular expressions? If so then how? I've read that Regular expressions for email is not effective?

Thanks again.

October 9, 2013 3:42am

They are exactly the same except that 'htmlentities' will convert characters that have an HTML character code, to that code.

For example 'htmlspecialchars' would output:

<span>Johnson & Johnson company</span>

'htmlentities' would output:

<span>Johnson &#38; Johnson company</span>

Using the ISO character code is the preferred way to write such symbols in your markup. So I personally would use 'htmlentities'.

Posting to the forum is only allowed for members with active accounts.
Please sign in or sign up to post.

Welcome to the Treehouse Community

Looking to learn something new?

Joel Rivera

Joel Rivera

htmlspecialchars vs htmlentities?

Chad Harris

Chad Harris

2 Answers

James Barnett

James Barnett

Joel Rivera

Joel Rivera

Chad Harris

Chad Harris