imajes Tue Jan 8 19:29:37 2002 EDT
Modified files:
/phpdoc/en/faq html.xml
Log:
htmlescape() ==> htmlspecialchars()
Index: phpdoc/en/faq/html.xml
diff -u phpdoc/en/faq/html.xml:1.12 phpdoc/en/faq/html.xml:1.13
--- phpdoc/en/faq/html.xml:1.12 Wed Dec 12 15:46:33 2001
+++ phpdoc/en/faq/html.xml Tue Jan 8 19:29:37 2002
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="iso-8859-1"?>
-<!-- $Revision: 1.12 $ -->
+<!-- $Revision: 1.13 $ -->
<chapter id="faq.html">
<title>PHP and HTML</title>
<titleabbrev>PHP and HTML</titleabbrev>
@@ -27,7 +27,7 @@
<listitem>
<para>
HTML interpretation. In order to specify a random string, you
- <emphasis>must</emphasis> include it in double quotes, and htmlescape
+ <emphasis>must</emphasis> include it in double quotes, and htmlspecialchars
the the whole value.
</para>
</listitem>
@@ -46,7 +46,7 @@
<programlisting role="php">
<![CDATA[
<?php
- echo "<input type=hidden value=\"" . htmlescape($data) . "\">\n";
+ echo "<input type=hidden value=\"" . htmlspecialchars($data) . "\">\n";
?>
]]>
</programlisting>
@@ -67,7 +67,7 @@
<![CDATA[
<?php
echo "<textarea name=mydata>\n";
- echo htmlescape($data)."\n";
+ echo htmlspecialchars($data)."\n";
echo "</textarea>";
?>
]]>
@@ -90,7 +90,7 @@
<programlisting role="php">
<![CDATA[
<?php
- echo "<a href=\"" . htmlescape("/nexpage.php?stage=23&data=" .
+ echo "<a href=\"" . htmlspecialchars("/nexpage.php?stage=23&data=" .
urlencode($data)) . "\">\n";
?>
]]>
@@ -104,9 +104,9 @@
</note>
<note>
<simpara>
- You need to <function>htmlescape</function> the whole URL, because the
+ You need to <function>htmlspecialchars</function> the whole URL, because the
URL occurs as value of an HTML-attribute. In this case, the browser
- will first un-<function>htmlescape</function> the value, and then pass
+ will first un-<function>htmlspecialchars</function> the value, and then pass
the URL on. PHP will understand the URL correcly, because you
<function>urlencoded</function> the data.
</simpara>
@@ -115,7 +115,7 @@
by <literal>&amp;</literal>. Although most browsers will recover
if you forget this, this isn't always possible. So even if your URL is
not dynamic, you <emphasis>need</emphasis> to
- <function>htmlescape</function> the URL.
+ <function>htmlspecialchars</function> the URL.
</simpara>
</note>
</para>