Vote count:
0
I'm using htmlspecialchars to escape user input that is rendered on the page (so that a user input of If you want bold text, wrap it around a <b> tag like <b>this</b> actually renders out that way, instead of interpreting the <b> as actual html and bolding the tag like this text.
htmlspecialchars works great here, but seems to incorrectly render UTF8 chars as the htmlentity number code. E.g. the look of disapproval ಠ_ಠ renders as ಠ_ಠ after going through the function.
What should I be doing to properly escape regular html, but still allow users to use special UTF8 chars?
asked 57 secs ago
Allowing htmlspecialchars to render UTF-8 chars, while still escaping regular tags
Aucun commentaire:
Enregistrer un commentaire