Re: Displaying HTML characters in real format

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 17 Jul 2007 17:59:01 -0500 (CDT), "Richard Lynch" wrote:

> On Tue, July 17, 2007 2:03 pm, Nisse Engström wrote:
>> On Fri, 13 Jul 2007 01:24:09 -0500 (CDT), "Richard Lynch" wrote:
>>>
>>> htmlspecialchars ONLY escapes four characters: < > & "
>>>
>>> htmlentities escapes ALL characters that need it
>>
>> What characters other than the four (or five)
>> NEED escaping, and why?
> 
> For example, some people occasionally find a need to write an o with
> an umlaut over it.

No way! :-)

> And sometimes they might type that right into a database form of some
> kind.
> 
> And if that's being output, it needs to be converted to an HTML entity
> so it will actually show up as an o with an umlaut, instead of, say,
> capital A with a tilda followed by a paragraph symbol.
> 
> Now, in some cases, if you are using UTF-8 (or UTF-16) and if the
> browser is supporting that, and if you've got the right headers and
> META tags, most modern browsers will do the right thing...

If you don't have the right headers and the right META tags,
you have bugs in your code. Are there any modern browsers
that don't support UTF-8 and the 8859-encodings?

> Or not, in the case of the reply window I'm typing into right now,
> which has turned your name into:
> 
> Nisse Engström
> 
> instead of:
> Nisse Engström
> 
> There are actually SIMPLER characters involving only ASCII, but I

[I assume you meant the so called "Extended ASCII". I can't
see any issues with (7-bit) ASCII.]

> thought this particular example would drive the idea home better :-)

Not really. An o with an umlaut (which, by the way, is not
an umlaut at all in my language but a letter in its own
right) does not NEED escaping in the same way that the
special chars do.

> This script might help as well:
> 
> <pre><?php
>   for ($o = 0; $o < 256; $o++){
>     echo "$o: '", htmlspecialchars($o), "' versus '",
> htmlentities($o), "'\n";
>   }
> ?></pre>

[Replace "($o)" with "(chr($o))"]

Both columns are the same unless I start mucking about
with the browsers character encoding. What exactly is
this supposed to prove? That you failed to provide a)
the page's character encoding, and b) a charset argument
to htmlentities()?


/Nisse

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux