Posts Tagged htmlspecialchars

htmlspecialchars for mysql

Yes, it’s bad, evil, nasty, and just plain wrong.

But that doesn’t mean that there aren’t occasions when you do need to spew out html directly from mysql (or at least I’ve found one).

DELIMITER $$

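DROP FUNCTION IF EXISTS `htmlspecialchars`$$
CREATE FUNCTION `htmlspecialchars` (_str text) RETURNS text
DETERMINISTIC
BEGIN
	-- Encode '&' first so the ampersands added by the later replacements are not encoded again.
	set _str = replace(_str, '&', '&amp;');
	set _str = replace(_str, '"', '&quot;');
	set _str = replace(_str, '<', '&lt;');
	set _str = replace(_str, '>', '&gt;');
	-- Single quotes are left as-is, so keep the output out of single-quoted attributes.
	return _str;
END$$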

DELIMITER ;

Usual disclaimers apply.
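
A usage sketch, added here and not part of the original post: it builds HTML list items in SQL and passes every column value through the function. The `comments` table, its columns and its rows are constructed for illustration.

```sql
-- Added example; table name, columns and rows are constructed sample data.
CREATE TEMPORARY TABLE comments (
    id     INT PRIMARY KEY,
    author VARCHAR(64),
    body   TEXT
);

INSERT INTO comments (id, author, body) VALUES
    (1, 'alice',       'Plain text, nothing to escape'),
    (2, 'bob & carol', 'if a < b then "swap" them'),
    (3, 'mallory',     '<script>alert(1)</script>'),
    (4, 'dave',        'already encoded: &lt;b&gt;');

-- Only the markup literals written in the query reach the page unescaped;
-- anything read from a column is encoded first. Row 4 shows that stored
-- text is always treated as text, so existing entities are encoded again.
SELECT CONCAT(
           '<li><b>', htmlspecialchars(author), '</b>: ',
           htmlspecialchars(body), '</li>'
       ) AS html_row
FROM comments
ORDER BY id;

-- Regression check for replacement order: a lone double quote must come
-- back as &quot; and not as &amp;quot; (which happens when '&' is
-- replaced after the other characters).
SELECT htmlspecialchars('"') = '&quot;' AS quote_ok,
       htmlspecialchars('&') = '&amp;'  AS amp_ok;

DROP TEMPORARY TABLE comments;
```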
