How to set ENT_QUOTES flag by default for htmlentities() function in php

I am using htmlentities($data, ENT_QUOTES) on any data fetched from database before displaying it.

Is there a way I can set the flag ENT_QUOTES by default for the htmlentities() function, so that even if I write htmlentities($data) it works as htmlentities($data, ENT_QUOTES)?

As written in the PHP documentation, the default is ENT_COMPAT | ENT_HTML401.

For your information, I am using the CodeIgniter framework, PHP 5.

UPDATE 1: Wrapping with a custom function as suggested by Michael could help, but I have already used this everywhere in the website without the ENT_QUOTES flag and was wondering if there is a way provided by PHP to change the defaults for its functions.

UPDATE 2: I think the inbuilt html_escape() function provided by CodeIgniter (suggested by Wesley) is the best for me, so that I don't have to write my own wrapper function.

Ankit Prasad asked Nov 04 '12 23:11



1 Answer

There's no way to change the default flags that I know of, but the advice given to you in the comments is absolutely the best way to approach this anyway: use a wrapper function.

Conveniently, Codeigniter has one built in already, appropriately named:

echo html_escape($string);

You can pass in arrays as well; here's what it does:

/**
* Returns HTML escaped variable
*
* @access   public
* @param    mixed
* @return   mixed
*/
if ( ! function_exists('html_escape'))
{
    function html_escape($var)
    {
        if (is_array($var))
        {
            return array_map('html_escape', $var);
        }
        else
        {
            return htmlspecialchars($var, ENT_QUOTES, config_item('charset'));
        }
    }
}

Just do a search for htmlentities in your project and replace (carefully) with html_escape. This will also provide the opportunity for you to easily make changes in the future because you can alter the function. It's a little bit of an initial time investment but well worth it.

Wesley Murch answered Sep 27 '22 19:09
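The following is an added example, not code from the question, the answer or CodeIgniter itself. It shows why the answer's wrapper approach matters: with PHP's default flags a single quote survives htmlentities() untouched, so a value placed inside a single-quoted attribute can terminate that attribute, while a wrapper that always passes ENT_QUOTES escapes it. The function name escape_html, the $untrusted value and the PHP 7.4+ requirement are assumptions.

```php
<?php
// Added example: a wrapper in the spirit of CodeIgniter's html_escape(), with
// ENT_QUOTES always on, compared against htmlentities() with default flags.
// escape_html() is a hypothetical name, not a PHP or CodeIgniter function.

function escape_html($var, string $charset = 'UTF-8')
{
    // Recurse into arrays so a whole database row can be escaped in one call.
    if (is_array($var)) {
        return array_map(function ($v) use ($charset) {
            return escape_html($v, $charset);
        }, $var);
    }
    // ENT_QUOTES escapes both " and '. ENT_SUBSTITUTE replaces invalid byte
    // sequences instead of returning an empty string, which would otherwise
    // silently blank the output for malformed input.
    return htmlentities((string) $var, ENT_QUOTES | ENT_SUBSTITUTE, $charset);
}

// Constructed sample, standing in for a value read from the database.
$untrusted = "O'Reilly \"Books\" <b>";

// Default flags (ENT_COMPAT | ENT_HTML401): " and < are escaped, ' is not.
$weak = htmlentities($untrusted);
// Wrapper with ENT_QUOTES: ' becomes &#039; as well.
$safe = escape_html($untrusted);

foreach (['default flags' => $weak, 'ENT_QUOTES' => $safe] as $label => $value) {
    // An unescaped ' inside value='...' ends the attribute early, so anything
    // after it is parsed as HTML rather than as attribute text.
    $attributeSafe = strpos($value, "'") === false ? 'yes' : 'NO';
    printf("%-14s %-40s safe in value='...': %s\n", $label, $value, $attributeSafe);
}

// Arrays are escaped element by element, matching html_escape() behaviour.
$row = ['name' => $untrusted, 'city' => "L'Aquila"];
print_r(escape_html($row));
```

Running it prints the two escaped strings side by side; only the ENT_QUOTES version contains no raw single quote, and the print_r output shows both array entries escaped.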