Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Escape HTML Function for Browser Output Prevents XSS (Cross-Site Scripting)
function escape_html($str){
return htmlspecialchars($str, ENT_QUOTES, 'UTF-8');
<title>Escape_HTML Example</title>
<h1>Escape_HTML Example</h1>
<p><?php echo escape_html('<script>alert(123);</script>'); ?></p>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment