PHP HTML Entities


I want to display on screen data send by the user,
remembering it can contain dangerous code, it is the best to clean this data with html entities.

Is there a better way to do html entities, besides this:

$name = clean($name, 40);
$email = clean($email, 40);
$comment = clean($comment, 40);

and this:

$data = array("name", "email," "comment") 

function confHtmlEnt($data)
return htmlentities($data, ENT_QUOTES, 'UTF-8');

$cleanPost = array_map('confHtmlEnt', $_POST);

if so, how, and how does my wannabe structure
for html entities look?

Thank you for not flaming the newb :-).

Best Solution

If you wish to convert the five special HTML characters to their equivalent entities, use the following method:

function filter_HTML($mixed)
 return is_array($mixed)
  ? array_map('filter_HTML',$mixed)
  : htmlspecialchars($mixed,ENT_QUOTES);

That would work for both UTF-8 or single-byte encoded string.

But if the string is UTF-8 encoded, make sure to filter out any invalid characters sequence, prior to using the filter_HTML() function:

function make_valid_UTF8($str)
 return iconv('UTF-8','UTF-8//IGNORE',$str)

Also see: