
The htmlentities() Function in PHP

How to use the htmlentities() function in PHP programming

What the htmlentities() function does

The htmlentities() function converts all applicable characters to HTML entities.

This function typically reverses the effect of the html_entity_decode() function.

The following table summarizes the technical details of this function.

Return Value: Returns the encoded string. If the input string contains an invalid code sequence within the given charset it will return an empty string, unless either the ENT_IGNORE or ENT_SUBSTITUTE flags are set.
Version: PHP 4+


The basic syntax of the htmlentities() function is given with:

htmlentities(string, flags, charset, double_encode);

The following example shows the htmlentities() function in action.

Example

<?php
// Sample string
$str = "It's an <b>\"amazing\"</b> story.";

// Encoding the string
$encoded_str = htmlentities($str);
echo $encoded_str;

The output of the above example will be (view source to get an idea):

It's an &lt;b&gt;&quot;amazing&quot;&lt;/b&gt; story.

However, in the browser you will see something like this:

It's an <b>"amazing"</b> story.

Note: The htmlentities() function is identical to htmlspecialchars() in all ways, except that htmlspecialchars() only replaces &, <, and >, with options for single and double quotes, whereas htmlentities() replaces all characters that can be represented by an HTML character entity.



Tip: You can use the get_html_translation_table() function to return the translation table that is used internally for the htmlspecialchars() and htmlentities() functions.


The htmlentities() function accepts the following parameters.

Parameter Description
string Required. Specifies the string to encode.

flags Optional. Specifies how to handle quotes, invalid code sequences and which document type to use. You can specify one or more of the following flags.

The available flag constants for handling quotes are:

  • ENT_COMPAT – Converts double quotes and leaves single quotes unconverted.
  • ENT_QUOTES – Converts both double and single quotes.
  • ENT_NOQUOTES – Leaves both double and single quotes unconverted.

The available flag constants for handling invalid code sequences are:

  • ENT_IGNORE – Silently ignores invalid code sequences instead of returning an empty string. Avoid using this flag as it may have security implications.
  • ENT_SUBSTITUTE – Replaces invalid code sequences with a Unicode Replacement Character U+FFFD (UTF-8) or &#xFFFD; (otherwise) instead of returning an empty string.
  • ENT_DISALLOWED – Replaces code sequences that are invalid for the specified document type with a Unicode Replacement Character U+FFFD (UTF-8) or &#xFFFD; (otherwise) instead of leaving them as is.

The available flag constants for specifying the document type are:

  • ENT_HTML401 – Handle code as HTML 4.01.
  • ENT_HTML5 – Handle code as HTML 5.
  • ENT_XML1 – Handle code as XML 1.
  • ENT_XHTML – Handle code as XHTML.

The default value for this parameter is ENT_COMPAT | ENT_HTML401.


charset Optional. Specifies which character set to use. Supported charsets are:

  • UTF-8 – ASCII compatible multi-byte 8-bit Unicode.
  • ISO-8859-1 – Western European, Latin-1.
  • ISO-8859-5 – Little used cyrillic charset (Latin/Cyrillic).
  • ISO-8859-15 – Western European, Latin-9. Adds the Euro sign, French and Finnish letters missing in Latin-1 (ISO-8859-1).
  • cp866 – DOS-specific Cyrillic charset.
  • cp1251 – Windows-specific Cyrillic charset.
  • cp1252 – Windows-specific charset for Western European.
  • KOI8-R – Russian.
  • BIG5 – Traditional Chinese, mainly used in Taiwan.
  • GB2312 – Simplified Chinese, national standard character set.
  • BIG5-HKSCS – Big5 with Hong Kong extensions, Traditional Chinese.
  • Shift_JIS – Japanese.
  • EUC-JP – Japanese.
  • MacRoman – Charset that was used by Mac OS.

If this parameter is omitted, it defaults to the value of the default_charset configuration option (inside php.ini file).

double_encode Optional. A Boolean value which specifies whether to encode existing HTML entities or not. Possible values are true and false. The default value is true, which converts everything.
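The quote flags, invalid-sequence flags and double_encode parameter described above, shown side by side in an added example that is not part of the original tutorial. The helper names encode_for_html() and show() and all sample strings are constructed for illustration; flags and charset are passed explicitly so the result does not depend on default_charset or on the default flags of the PHP version in use.

```php
<?php
// Added example with constructed inputs; encode_for_html() and show() are hypothetical helpers.

// Spell out flags and charset so the result does not depend on php.ini
// (default_charset) or on the default flags of the PHP version in use.
function encode_for_html(string $value, bool $doubleEncode = true): string
{
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401, 'UTF-8', $doubleEncode);
}

function show(string $label, string $out): void
{
    // json_encode makes empty strings and U+FFFD visible in terminal output.
    printf("%-22s %s\n", $label, json_encode($out));
}

// 1. Quote flags inside a single-quoted attribute.
$name = "Tim O'Reilly";
// ENT_COMPAT leaves the apostrophe raw, so the attribute value ends early.
show('ENT_COMPAT attr', "<input value='" . htmlentities($name, ENT_COMPAT | ENT_HTML401, 'UTF-8') . "'>");
// ENT_QUOTES encodes it, so the whole name stays inside the attribute.
show('ENT_QUOTES attr', "<input value='" . encode_for_html($name) . "'>");

// 2. Invalid code sequence: "\xE9" is Latin-1, not valid UTF-8.
$bad = "caf\xE9 <b>";
// No flag: the function returns an empty string for the whole input.
show('no flag', htmlentities($bad, ENT_QUOTES | ENT_HTML401, 'UTF-8'));
// ENT_IGNORE: the bad byte is dropped without any trace.
show('ENT_IGNORE', htmlentities($bad, ENT_QUOTES | ENT_IGNORE | ENT_HTML401, 'UTF-8'));
// ENT_SUBSTITUTE: the bad byte becomes U+FFFD, the rest is still encoded.
show('ENT_SUBSTITUTE', encode_for_html($bad));

// 3. double_encode on text that already contains an entity.
$stored = 'Fish &amp; Chips';
show('double_encode=true', encode_for_html($stored));         // the & of the existing entity is encoded again
show('double_encode=false', encode_for_html($stored, false)); // the existing entity is left as is
```

An empty result from the "no flag" case is easy to mistake for a blank field, so log or reject such input rather than switching to ENT_IGNORE.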

More Examples

Here are some more examples showing how the htmlentities() function actually works:

The following example demonstrates the handling of single and double quotes using this function.

Example

<?php
// Sample string
$str = "I'll \"leave\" tomorrow.";

// Convert only double quotes
$a = htmlentities($str, ENT_COMPAT);
echo $a; /* I'll &quot;leave&quot; tomorrow. */

// Converts both double and single quotes
$b = htmlentities($str, ENT_QUOTES);
echo $b; /* I&#039;ll &quot;leave&quot; tomorrow. */

// Does not convert any quotes
$c = htmlentities($str, ENT_NOQUOTES);
echo $c; /* I'll "leave" tomorrow. */

However, in the browser you will always see the string I'll "leave" tomorrow. View source (right-click and select View Page Source) of the example output to see the actual encoded string.

