Source Code:
<?php
// Define a string containing HTML and JavaScript code.
$input = "<script>alert('Hello')</script>";

// Use the htmlspecialchars function to convert special characters in the
// input string to their corresponding HTML entities.
// This is done to prevent the code from being executed as JavaScript code
// in the browser.
$safe_input = htmlspecialchars($input);

// Echo the resulting string to the browser.
// The special characters have been converted to their HTML entity
// equivalents, which means that the browser will display the string as text
// rather than executing it as code.
echo $safe_input;
// The browser displays the text <script>alert('Hello')</script>.
// The markup actually sent is &lt;script&gt;alert('Hello')&lt;/script&gt;
// (on PHP 8.1 and later the default flags also encode each ' as &#039;).
Result:
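The listing above relies on the default flags of htmlspecialchars, which changed in PHP 8.1. The following is an added example, not part of the original listing: it pins the flags and charset explicitly and compares the result with the pre-8.1 defaults. The helper name e() and all sample values are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not from the original page): escape a value for use
// in HTML text or inside a quoted attribute value.
function e(string $value): string
{
    // ENT_QUOTES encodes both " and '.
    // ENT_SUBSTITUTE replaces invalid byte sequences with U+FFFD instead of
    // making the whole call return an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Constructed sample inputs.
$samples = [
    "<script>alert('Hello')</script>",
    'Tom & "Jerry"',
    "bad byte: \xC3\x28", // invalid UTF-8 sequence
];

foreach ($samples as $raw) {
    // ENT_COMPAT | ENT_HTML401 was the default before PHP 8.1:
    // single quotes are left alone, and invalid UTF-8 yields ''.
    $compat = htmlspecialchars($raw, ENT_COMPAT | ENT_HTML401, 'UTF-8');
    $strict = e($raw);
    printf("compat: %s\nstrict: %s\n\n", var_export($compat, true), var_export($strict, true));
}

// Attribute context: with a single-quoted attribute, an unencoded apostrophe
// in the value closes the attribute early.
$name = "O'Brien"; // constructed value
echo "<input value='" . htmlspecialchars($name, ENT_COMPAT, 'UTF-8') . "'>\n"; // value ends at "O"
echo "<input value='" . e($name) . "'>\n";                                     // value stays intact

// Note: this escaping is for HTML text and quoted attribute values only.
// Data placed inside <script> blocks or URLs needs encoding for that context
// (for example json_encode or rawurlencode).
```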