htmlentities() vs htmlspecialchars() function in PHP


htmlentities() function
The htmlentities() function is a built-in PHP function that converts all applicable characters to HTML entities.
Syntax:
    string htmlentities($string, $flags, $encoding, $double_encode)
Parameters: This function takes four parameters, as shown above and described below:
  • $string: This parameter holds the input string.
  • $flags: This parameter holds the flags. It is a combination of one or two flags that tell the function how to handle quotes.
  • $encoding: This is an optional argument that specifies the encoding to use when converting characters. If no encoding is specified, the default for the PHP version in use is applied.
  • $double_encode: If double_encode is disabled, PHP will not encode existing HTML entities. By default, everything is converted.
Return Values: This function returns the encoded string.
Example:
    <?php
    // String to be converted by htmlentities()
    $str = '<a href="https://www.engineerforengineer.org">GeeksforGeeks</a>';

    // Convert the string to HTML entities and print it
    echo htmlentities($str);
    ?>
Output:
    &lt;a href=&quot;https://www.engineerforengineer.org&quot;&gt;GeeksforGeeks&lt;/a&gt;
htmlspecialchars() function
The htmlspecialchars() function is a built-in PHP function that converts all predefined characters to HTML entities.
Syntax:
    string htmlspecialchars($string, $flags, $encoding, $double_encode)
Parameters:
  • $string: This parameter holds the input string.
  • $flags: This parameter holds the flags. It is a combination of one or two flags that tell the function how to handle quotes.
  • $encoding: This is an optional argument that specifies the encoding to use when converting characters. If no encoding is specified, the default for the PHP version in use is applied.
  • $double_encode: If double_encode is disabled, PHP will not encode existing HTML entities. By default, everything is converted.
Return Values: This function returns the converted string. If the input string is invalid, an empty string is returned.
Example:
    <?php
    // Example of the htmlspecialchars() function

    // String to convert
    $str = '"engineerforengineer.org" Go to GeeksforGeeks';

    // Converts both double and single quotes
    echo htmlspecialchars($str, ENT_QUOTES);
    ?>
Output:
    &quot;engineerforengineer.org&quot; Go to GeeksforGeeks
Difference between htmlentities() and htmlspecialchars():
The only difference between these functions is which characters they convert:
  • The htmlspecialchars() function converts special characters to HTML entities.
  • The htmlentities() function converts all applicable characters to HTML entities.
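
The following added example (not from the original article) runs both functions over the same constructed inputs to show how the character set converted, $flags, $double_encode and invalid input affect the result. The esc() helper is a hypothetical name, and all sample strings are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Added example; all input strings below are constructed for illustration.

// Hypothetical helper: escape untrusted text for HTML body text or a quoted
// attribute value. Flags and encoding are passed explicitly so the result
// does not depend on the PHP version's defaults.
function esc(string $s): string
{
    // ENT_QUOTES encodes both " and '. ENT_SUBSTITUTE replaces invalid byte
    // sequences with U+FFFD instead of returning an empty string.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$cases = [
    'markup and quotes' => '<a href="x" title=\'y\'>Tom & Jerry</a>',
    // \u{...} escapes keep this file ASCII-only: e-acute, copyright, euro.
    'non-ASCII text'    => "Caf\u{E9} \u{A9} <b>\u{20AC}5</b>",
    'already encoded'   => 'AT&amp;T <i>',
    // \xC3 followed by a space is not a valid UTF-8 sequence.
    'invalid UTF-8'     => "bad byte \xC3 <b>",
];

foreach ($cases as $label => $in) {
    echo "== $label ==\n";
    // Only the special characters & < > " ' are converted.
    echo 'htmlspecialchars : ', htmlspecialchars($in, ENT_QUOTES, 'UTF-8'), "\n";
    // Every character that has a named entity is converted as well.
    echo 'htmlentities     : ', htmlentities($in, ENT_QUOTES, 'UTF-8'), "\n";
    // $double_encode = false leaves an existing &amp; untouched.
    echo 'double_encode off: ', htmlspecialchars($in, ENT_QUOTES, 'UTF-8', false), "\n";
    echo 'esc()            : ', esc($in), "\n\n";
}

// How $flags treats quotes. An unencoded quote would end a quoted attribute
// value early, so the flag has to match the quoting used in the template.
$value = 'O\'Reilly "Books"';
$flagSets = ['ENT_NOQUOTES' => ENT_NOQUOTES, 'ENT_COMPAT' => ENT_COMPAT, 'ENT_QUOTES' => ENT_QUOTES];
foreach ($flagSets as $name => $flag) {
    echo str_pad($name, 12), ': ', htmlspecialchars($value, $flag, 'UTF-8'), "\n";
}
```

Run it from the command line so the entities are visible as text; in the "invalid UTF-8" case the first three calls print nothing, while esc() keeps the rest of the string.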