phpjs/_octopress/source/functions/htmlspecialchars/_comments.html

php.js offers community built php functions in javascript

<!-- Generated by Rakefile:build -->

<strong>
<a href="http://ic4ever.com" rel="nofollow">randy</a>
</strong>
on 2012-06-28 03:12:24 <br />
Very nice function. It worked great for me. I came here 1st!
But then I also found this method ..
<pre><code>
var a = 'one &lt;p&gt; tag';
$('&lt;div/&gt;').text(a); // [&lt;div&gt;​one &lt;p&gt; tag​&lt;/div&gt;​]
$('&lt;div/&gt;').text(a).html(); // &quot;one &amp;lt;p&amp;gt; tag&quot;
</code></pre>
The $(element) creates an html element, .text(a) sets the element content to the text (read &quot;escaped&quot;) value of &quot;a&quot;, the .hmtl() gets the html value of the contents of the element. As in .innerHTML.

Very nice also for you if you use jQuery.
<hr />


<strong>
s
</strong>
on 2011-04-18 13:27:32 <br />
SSSSSS
<hr />


<strong>
test
</strong>
on 2010-05-21 14:49:29 <br />
&lt;?php echo 'hello admin!'; ?&gt;
<hr />


<strong>
<a href="http://brett-zamir.me" rel="nofollow">Brett Zamir</a>
</strong>
on 2010-02-12 18:43:39 <br />
@hacksmw: When I try <pre><code>alert(htmlspecialchars_decode('&amp; amp;#9787;'))</code></pre>

...I do get &amp; #9787; in our php.js JavaScript.

Make sure you are using the latest code (see http://github.com/kvz/phpjs/raw/master/functions/strings/htmlspecialchars_decode.js ).
<hr />


<strong>
hacksmw
</strong>
on 2010-02-11 08:53:42 <br />
htmlspecialchars_decode function in PHP doesn't work recursive.
but this function is too recursive.
so &quot;&amp; amp; #9787;&quot; will not be converted by this function as &quot;&amp; #9787;&quot;
however, it will be converted as &quot;☻&quot;
on the other hand, 
the function in php will convert it as &quot;&amp;# 9787;&quot;

(
i can't delete my old comment.
so, i wrote this comment once again :(
)
<hr />


<strong>
hacksmw
</strong>
on 2010-02-11 08:50:55 <br />
htmlspecialchars_decode function in PHP doesn't work recursive.
but this function is too recursive.
so &quot;&amp;amp; #9787;&quot; will not be converted by this function as &quot;&amp; #9787;&quot;
however, it will be converted as &quot;☻&quot;
on the other hand, 
the function in php will convert it as &quot;&amp;# 9787;&quot;

(
i can't delete my old comment.
so, i wrote this comment once again :(
)
<hr />


<strong>
<a href="http://brett-zamir.me" rel="nofollow">Brett Zamir</a>
</strong>
on 2009-12-07 10:33:54 <br />
@Felix: Thanks for the feedback. Yes, I pushed earlier to the git repo with the fix. Was my oversight as I was testing in Firefox which doesn't have a problem with trailing commas.  htmlspecialchars_decode() also had the issue which I fixed as well. Thanks again!
<hr />


<strong>
felix
</strong>
on 2009-12-06 15:22:04 <br />
problem solved.. wrong synthax in in row 38/39.. after &quot;'ENT_IGNORE' : 4&quot; there's  a comma but it shouldnt be there ^^
<hr />


<strong>
felix
</strong>
on 2009-12-05 20:46:30 <br />
Hi,

seems that the script has problems with ie6 + 7 .. here the browser says &quot;object expected&quot; in line 41/42... ???

also.. does this function work with utf-8 ?
<hr />


<strong>
<a href="http://kevin.vanzonneveld.net" rel="nofollow">Kevin van Zonneveld</a>
</strong>
on 2009-07-03 14:01:23 <br />
@ T.Wild: Hey man. Thanks a lot for testing this. I've patched it in SVN, and things will be online shortly
<hr />


<strong>
T.Wild
</strong>
on 2009-07-02 23:23:02 <br />
Sorry, just to be clear that's moving the line over at
get_html_translation_table
<hr />


<strong>
T.Wild
</strong>
on 2009-07-02 23:19:47 <br />
A Frank Forte posted over on strtr (http://phpjs.org/functions/strtr:556#comment_75192) that htmlspecialcharacters is encoding ampersands after encoding other characters.
so &lt; test &gt; becomes andamp;lt test andamp;gt
I've confirmed this myself, and his fix of moving the line
<pre><code>entities['38'] = '&amp;amp;';</code></pre>
to the top of the entities list (before the line
<pre><code>if (useTable === 'HTML_ENTITIES')</code></pre>
seems to work without effecting the other dependent functions:
htmlentities
html_entity_decode
htmlspecialchars_decode
<hr />


<strong>
<a href="http://kevin.vanzonneveld.net" rel="nofollow">Kevin van Zonneveld</a>
</strong>
on 2009-01-15 11:21:51 <br />
@ Guilherme Mello: Could you please provide the output you get in php &amp;amp; js?
<hr />


<strong>
Guilherme Mello
</strong>
on 2009-01-14 18:39:15 <br />
If you try htmlspecialchars in PHP with this example, you're going to have a different conversion with javascript:

use the string : FS'IG'IKU&amp;quot;UJHFE
<hr />


<strong>
<a href="http://kevin.vanzonneveld.net" rel="nofollow">Kevin van Zonneveld</a>
</strong>
on 2009-01-07 14:50:17 <br />
@ Ashley Broadley: Thanks for noticing! 
I guess the &amp;amp;amp; character must be the last character when decoding, but the first when encoding!
<hr />


<strong>
<a href="http://blog.ls12style.co.uk" rel="nofollow">Ashley  Broadley</a>
</strong>
on 2009-01-07 11:33:51 <br />
OK, I seem to have fixed this problem.
It turned out that the &amp;amp; symbol  was at the bottom of the ascii decimal array in 'get_html_translation_table'. I simply moved it to the top and now everything is fine.

Can you test and confirm by emailing me?

Thanks
Ashley
<hr />


<strong>
<a href="http://blog.ls12style.co.uk" rel="nofollow">Ashley  Broadley</a>
</strong>
on 2009-01-07 11:24:05 <br />
I really find the idea of the php.js fantastic! I for one am very impressed with everyones work!

I have noticed a problem with the htmlentities (not sure if it applies to htmlspecialchars):

testing all the available symbols on my keyboard (£, &amp;lt;, &amp;gt;, ', &amp;quot; and such) i alert()'ed the supposedly encoded string and found that all ampersands were encoded, so &amp;quot;&amp;amp;pound;&amp;quot; would be &amp;quot;&amp;amp;amp;pound;&amp;quot; which then on a html page would echo &amp;quot;&amp;amp;pound;&amp;quot; and not &amp;quot;£&amp;quot; as it should.

im not a pro so im not sure whats causing the the bug.

just thought i would let you know!
<hr />


<strong>
<a href="http://kevin.vanzonneveld.net" rel="nofollow">Kevin van Zonneveld</a>
</strong>
on 2008-11-13 23:20:15 <br />
@ atv: I'm not able to reproduce that behavior here. Also, if I run that test, my single quotes are being replaced by #039; entities.

Are you sure you're running our latest version?
<hr />


<strong>
<a href="http://thatsaninterestingpoint.org.ua" rel="nofollow">atv</a>
</strong>
on 2008-11-11 19:28:01 <br />
Today, 2008-11-11, this function encodes the string twice, so the output of such code
<pre><code>
htmlspecialchars(&amp;quot;&amp;lt;a href='test'&amp;gt;Test&amp;lt;/a&amp;gt;&amp;quot;, 'ENT_QUOTES')
</code></pre>
will be like this:
<pre><code>
&amp;amp;lt;a href='test'&amp;amp;gt;Test&amp;amp;lt;/a&amp;amp;gt;
</code></pre>
Fix this!
<hr />


<strong>
<a href="http://kevin.vanzonneveld.net" rel="nofollow">Kevin van Zonneveld</a>
</strong>
on 2008-10-20 18:41:48 <br />
@ Philip Peterson: It's been decided some time ago that we do not want global dependencies (like constants). The method to implement these is to have the functions accept both the integer representation of the constants (leaving it compatible) and the constant as string (for usability). 
I've done some work on merging  get_html_translation_table, htmlentities &amp;amp; htmlspecialchars and their counterparts, check it out if your like.
<hr />


<strong>
Philip Peterson
</strong>
on 2008-10-15 01:46:26 <br />
Here's an proposed implementation of get_html_translation_table.  I do have a small problem though, which probably has a simple solution, and I used the actual integer values for constants instead of ENT_QUOTES, etc. ...  would it not be more practical to do so, really, maybe have an optional &amp;quot;CONSTANTS&amp;quot; section in php.js?

Oh well, here's my code:

<pre><code>

HTML_SPECIALCHARS=0;
HTML_ENTITIES=1;
ENT_COMPAT=2;
ENT_QUOTES=3;

function get_html_translation_table(table, quote_style)
{
retarr=[];
if(table==0)
{
if(quote_style == 2 || quote_style == 3)
{
  retarr=['&amp;quot;':'&amp;amp;quot', '\'':'&amp;amp;#39;', '&amp;lt;':'&amp;amp;lt;', '&amp;gt;':'&amp;amp;gt;', '&amp;amp;':'&amp;amp;amp;'];
}
if(quote_style == 2)
{
  // remove the ' entry
}
}
else if(table==1)
{
  // Do the same thing as table == 0, but with the huge list of characters found by calling get_html_translation_table(1)
}
}

</code></pre>
<hr />


<strong>
<a href="http://kevin.vanzonneveld.net" rel="nofollow">Kevin van Zonneveld</a>
</strong>
on 2008-07-18 08:18:43 <br />
@ Arno: Thank you for correcting me. It should be okay now.
<hr />


<strong>
Arno
</strong>
on 2008-07-01 16:27:24 <br />
I just see that your example here is wrong too. Here is the corrected version:

This is how you could call htmlspecialchars()
<pre><code>
htmlspecialchars(&amp;quot;&amp;lt;a href='test'&amp;gt;Test&amp;lt;/a&amp;gt;&amp;quot;, 'ENT_QUOTES');
</code></pre>
And that would return
<pre><code>
&amp;amp;lt;a href=&amp;amp;#039;test&amp;amp;#039;&amp;amp;gt;Test&amp;amp;lt;/a&amp;amp;gt;
</code></pre>
<hr />


<strong>
Arno
</strong>
on 2008-07-01 16:23:34 <br />
First of all thanks for this great work, does really help a lot.

However this issue doesn't seem fixed yet.

As Nathan already pointed out, you have to remove the single quotes in your regexp. so that it reads

<pre><code>
string = string.replace(/&amp;lt;/g, '&amp;amp;lt;');
</code></pre>

Arno
<hr />


<strong>
<a href="http://kevin.vanzonneveld.net" rel="nofollow">Kevin van Zonneveld</a>
</strong>
on 2008-05-31 12:34:30 <br />
@ Nathan: Thanks for pointing this out, fixed.
<hr />


<strong>
Nathan
</strong>
on 2008-05-26 12:07:03 <br />
The source code doesn't work at all. There are two errors.
To fix it try this:

var reg=/&amp;amp;/g
string=string.replace(reg, '&amp;amp;amp;');
<hr />