Question
I'm trying to push all blog posts through htmlspecialchars to ensure all characters are displayed correctly.
However once being processed (they are called when pulling data from the database, not when pushing) they aren't displaying as characters!
Just their respetive codes appear.
Here is how I'm fetching the data:
https://stackoverflow.com/questions/20160265
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian<?php
while($result = mysql_fetch_array( $results )
{
echo "
<div class=\"post\"><article>
<a href=\"//blog.jacoblukewood.com/p/" . $result['id'] . "\"><h3 class=\"posttitle\">" . htmlspecialchars($result['title']) . "</h3></a>
<div class=\"postcontent\">
<p>";
if (strlen($result['content']) > 300)
{
echo nl2br(htmlspecialchars(substr($result['content'],0,300))) . "… " . "<a href=\"//blog.jacoblukewood.com/p/" . $result['id'] . "\">Continue Reading</a>";
}
else
{
echo nl2br(htmlspecialchars(substr($result['content'],0,300)));
}
echo "</p>
</div>
</article>
<div class=\"poststats\">
<a href=\"//blog.jacoblukewood.com/p/" . $result['id'] . "#disqus_thread\"></a><a> • By " . $result['poster'] . " • On " . htmlspecialchars(substr($result['timestamp'],0,10)) . " • </a><a href=\"//blog.jacoblukewood.com/t/" . $result['topic'] . "\">" . htmlspecialchars($result['topic']) . "</a><br /></div>
</div>";
}
?>
And it's displaying like this:
Yay it's working!!
Everything seems good, comments, url's, random colours etc!
My website is jacoblukewood.com Also, should I be using htmlspecialchars before pushing it to the database?
Solution
honestly I don't think you should worry about htmlspecialchars in the database. If you are using a UTF8 character set you will be fine with the majority of characters.
if you already have encoded characters in the database try using http://www.php.net/manual/en/function.htmlspecialchars-decode.php this will reverse the process for you.
