Menu
For example:
$str="<script>alert('hello');</script>";
If I use echo to print it out, it will pop up an alert window in the browser.
How can I print out the raw string <script>alert('hello');</script> in this case?
993
Method 1: Using htmlspecialchars() function: The htmlspecialchars() function is an inbuilt function in PHP which is used to convert all predefined characters to HTML entities. $string: This parameter is used to hold the input string. $flags: This parameter is used to hold the flags.
The simplest way to create a string is to enclose the string literal (i.e. string characters) in single quotation marks ('), like this: Example: $my_string = 'Hello World'; You can also use double quotation marks (“). However, single and double quotation marks work in different ways.
The simplest way to specify a string is to enclose it in single quotes (the character ' ). To specify a literal single quote, escape it with a backslash ( \ ). To specify a literal backslash, double it ( \\ ).
Depends if you want the words script in. If yes, then
You should use this.
echo htmlspecialchars($str);
See http://php.net/manual/en/function.htmlspecialchars.php
If not just use strip_tags http://php.net/manual/en/function.strip-tags.php
107
You can use htmlspecialchars
$str = htmlspecialchars( "<script>alert('hello');</script>" )
docs: http://php.net/manual/en/function.htmlspecialchars.php
39
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
