htmlspecialchars_decode

(PHP 5 >= 5.1.0, PHP 7, PHP 8)

htmlspecialchars_decode — Convert special HTML entities back to characters

Description

htmlspecialchars_decode(string $string, int $flags = ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401): string

This function is the opposite of htmlspecialchars(). It converts special HTML entities back to characters.

The converted entities are: &, " (when ENT_NOQUOTES is not set), ' (when ENT_QUOTES is set), < and >.

Parameters

string

The string to decode.

flags

A bitmask of one or more of the following flags, which specify how to handle quotes and which document type to use. The default is ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401.

**Available `flags` constants**
Constant Name	Description
`ENT_COMPAT`	Will convert double-quotes and leave single-quotes alone.
`ENT_QUOTES`	Will convert both double and single quotes.
`ENT_NOQUOTES`	Will leave both double and single quotes unconverted.
`ENT_SUBSTITUTE`	Replace invalid code unit sequences with a Unicode Replacement Character U+FFFD (UTF-8) or � (otherwise) instead of returning an empty string.
`ENT_HTML401`	Handle code as HTML 4.01.
`ENT_XML1`	Handle code as XML 1.
`ENT_XHTML`	Handle code as XHTML.
`ENT_HTML5`	Handle code as HTML 5.

Return Values

Returns the decoded string.

Changelog

Version	Description
8.1.0	`flags` changed from `ENT_COMPAT` to `ENT_QUOTES` \| `ENT_SUBSTITUTE` \| `ENT_HTML401`.

Examples

Example #1 A htmlspecialchars_decode() example

<?php
$str = "<p>this -&gt; &quot;</p>\n";

echo htmlspecialchars_decode($str);

// note that here the quotes aren't converted
echo htmlspecialchars_decode($str, ENT_NOQUOTES);
?>

The above example will output:

<p>this -> "</p> <p>this -> &quot;</p>

Found A Problem?

Learn How To Improve This Page • Submit a Pull Request • Report a Bug

＋add a note

User Contributed Notes 3 notes

down

thomas at xci[ignore_this]teit dot commm ¶

17 years ago

The example for "htmlspecialchars_decode()" below sadly does not work for all PHP4 versions. Quote from the PHP manual: "get_html_translation_table() will return the translation table that is used internally for htmlspecialchars() and htmlentities()." But it does NOT! At least not for PHP version 4.4.2. This was already reported in a bug report (http://bugs.php.net/bug.php?id=25927), but it was marked as BOGUS. Proof: Code: -------------------- <?php var_dump(get_html_translation_table(HTML_SPECIALCHARS,ENT_QUOTES)); var_dump(htmlspecialchars('\'',ENT_QUOTES)); ?> -------------------- Output: -------------------- array '"' => '&quot;' ''' => '&#39;' '<' => '&lt;' '>' => '&gt;' '&' => '&amp;' '&#039;' -------------------- This comment now is not to report this bug again (though I really believe it is one), but to complete the example and warn people of this pitfall. To make sure your htmlspecialchars_decode fake for PHP4 works, you should do something like this: <?php function htmlspecialchars_decode($string,$style=ENT_COMPAT) { $translation = array_flip(get_html_translation_table(HTML_SPECIALCHARS,$style)); if($style === ENT_QUOTES){ $translation['&#039;'] = '\''; } return strtr($string,$translation); } ?>  Br, Thomas

down

Anonymous ¶

19 years ago

This should be the best way to do it. (Reposted because the other one seems a bit slower and because those who used the code under called it htmlspecialchars_decode_php4) <?php if ( !function_exists('htmlspecialchars_decode') ) { function htmlspecialchars_decode($text) { return strtr($text, array_flip(get_html_translation_table(HTML_SPECIALCHARS))); } } ?>

down

-1

or-k at or-k dot com ¶

20 years ago

that works also with &auml; and &quot; and so on. get_html_translation_table(HTML_ENTITIES) => offers more characters than HTML_SPECIALCHARS function htmlspecialchars_decode_PHP4($uSTR) { return strtr($uSTR, array_flip(get_html_translation_table(HTML_ENTITIES, ENT_QUOTES))); }

＋add a note

htmlspecialchars_decode

Description

Parameters

Return Values

Changelog

Examples

See Also

Found A Problem?

User Contributed Notes 3 notes