htmlentities() versus htmlspecialchars() – What’s Better For Emitting HTML?

Both htmlentities and htmlspecialchars work the same way in that they are used to emit a string of user input that may contain raw HTML but you’d like the HTML shown literally versus interpreted by the browser. For instance, showing HTML coding examples. The difference between the two PHP functions is htmlentities encodes more characters than htmlspecialchars.

htmlspecialchars only encodes these 5 characters

  • &
  • "
  • '
  • <
  • >

htmlentities encodes all known characters. Generally, htmlentities is the better, safer function to use.

Leave a Reply

Your email address will not be published. Required fields are marked *