htmlentities() Used Correctly Or Not ?

@developer_webJul 23.2021

Folks,

I want to know where I used my htmlentities() correctly out of the 4 WHILE Loops ….

[code] //1. WHICH WHILE LOOP IS BEST ? $i = ‘1’; while($i<=$total_pages) { $query_string_2 = ‘&page=’ .intval($i); $url = $path .htmlentities($query_string_1) .htmlentities($query_string_2); //Full URL With $_REQUEST params (Query Strings): https://localhost/Templates/url_encode_Template.php?find=keyword&tbl=links&col=keyword&max=100&page=1

if($page == $i) { //Bold the current Page numbered link. echo ‘<a href=’ .'”‘ .$url .'”‘ .’>’ .'’ .intval($i) .'’ .'</a>’; } else { echo ‘<a href=’ .'”‘ .$url .'”‘ .’>’ .intval($i) .'</a>’; } $i++; }

echo ‘ ’; [/code]

[code] //2. WHICH WHILE LOOP IS BEST ? $i = ‘1’; while($i<=$total_pages) { $query_string_2 = ‘&page=’ .intval($i);

if($page == $i) { //Bold the current Page numbered link. echo ‘<a href=’ .'”‘ .”$path” .htmlentities($query_string_1) .htmlentities($query_string_2) .'”‘ .’>’ .'’ .intval($i) .'’ .'</a>’; } else { echo ‘<a href=’ .'”‘ .”$path” .htmlentities($query_string_1) .htmlentities($query_string_2) .'”‘ .’>’ .intval($i) .'</a>’; } $i++; } [/code]

[code] //3. WHICH WHILE LOOP IS BEST ? $i = ‘1’; while($i<=$total_pages) { $query_string_2 = ‘&page=’ .intval($i); $url = $path .$query_string_1 .$query_string_2; //Full URL With $_REQUEST params (Query Strings): https://localhost/Templates/url_encode_Template.php?find=keyword&tbl=links&col=keyword&max=100&page=1

if($page == $i) { //Bold the current Page numbered link. echo ‘<a href=’ .'”‘ .htmlspecialchars($url) .'”‘ .’>’ .'’ .intval($i) .'’ .'</a>’; } else { echo ‘<a href=’ .'”‘ .htmlspecialchars($url) .'”‘ .’>’ .intval($i) .'</a>’; } $i++; }

echo ‘ ’; [/code]

[code] //4. WHICH WHILE LOOP IS BEST ? $i = ‘1’; while($i<=$total_pages) { $query_string_2 = ‘&page=’ .intval($i); $url = $path .htmlentities($query_string_1) .htmlentities($query_string_2); //Full URL With $_REQUEST params (Query Strings): https://localhost/Templates/url_encode_Template.php?find=keyword&tbl=links&col=keyword&max=100&page=1

echo ‘ ’;

?> [/code]

to post a comment

PHP

9 Comments(s) _↴

@developer_webauthorJul 23.2021 — #Folks,

Here is code context ....

Html

<i>
 </i>&lt;form method = 'GET' action = ""&gt;
 &lt;label for='find'&gt;Find&lt;/label&gt;
 &lt;input type='text' name='find' id='find'&gt;
 &lt;br&gt;
 Table:
 &lt;input type='radio' name='table' id='sale'&gt;&lt;label for='table'&gt;Websites On Sale&lt;/label&gt;
 &lt;input type='radio' name='table' id='sold'&gt;&lt;label for='table'&gt;Websites Sold&lt;/label&gt;
 &lt;input type='radio' name='table' id='links'&gt;&lt;label for='table'&gt;Links&lt;/label&gt;
 &lt;br&gt;
 &lt;label for="column"&gt;Column:&lt;/label&gt;
 &lt;select name="column" id="column"&gt;
 &lt;option value=""&gt;&lt;/option&gt;
 &lt;option value="domain"&gt;Domain&lt;/option&gt;
 &lt;option value="email"&gt;Email&lt;/option&gt;
 &lt;option value="submission_id"&gt;Submission Id&lt;/option&gt;
 &lt;option value="url"&gt;Url&lt;/option&gt;
 &lt;option value="anchor"&gt;Anchor&lt;/option&gt;
 &lt;option value="description"&gt;Description&lt;/option&gt;
 &lt;option value="keywords"&gt;Keyword&lt;/option&gt;
 &lt;/select&gt;
 &lt;br&gt;
 &lt;button type='submit'&gt;Search!&lt;/button&gt;
 &lt;/form&gt;

You do a keyword search and get presented with google type SERP displaying search results.

Notice my WHILE loops. There should be one but I wrote four as I do not know which ones a valid and best practice and which ones are invalid due to me over using or misusing the htmlentities() and/or the htmlspecialchars() and so bear this in mind. Care to show me which WHILE loop is invalid and which ones are best practice ?

Php

<i>
 </i>&lt;?php
 
 //ERROR REPORTING FOR DEVMODE ONLY.
 ini_set('display_errors','1');
 ini_set('display_startup_errors','1');
 error_reporting(E_ALL);
 
 //MYSQLI CONNECTION.
 mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT);
 
 $server = 'localhost';
 $user = 'root';
 $password = '';
 $database = 'brute';
 
 if(!$conn = mysqli_connect("$server","$user","$password","$database"))
 {
 echo 'Mysqli Connection Error' .mysqli_connect_error($conn);
 echo 'Mysqli Connection Error Number' .mysqli_connect_errno($conn);
 }
 
 if(!mysqli_character_set_name($conn) == 'utf8mb4')
 {
 echo 'Initial Character Set: ' .mysqli_character_set_name($conn);
 mysqli_set_charset("$conn",'utf8mb4');
 echo 'Current Character Set: ' .mysqli_character_set_name($conn);
 }
 
 
 //SECTION: WHITE-LISTS.
 //Valid list of Mysql Tables.
 $tables_white_list = array('sale','sold','links');
 //Valid list of Mysql Table Columns.
 $columns_white_list = array('email','domain','url','anchor','description','keyword');
 //Banned Words List. Users cannot search these keywords.
 $blacklisted_words = array('prick','dick');
 
 //SECTION: VALIDATE SERP URL.
 //Check if "table" exists or not in Url's Query String.
 if(ISSET($_REQUEST['table']) &amp;&amp; !empty(trim($_REQUEST['table'])) &amp;&amp; is_string(trim($_REQUEST['table'])))
 {
 if(in_array(trim($_REQUEST['table']),$tables_white_list)) //MySql Tbl to Search.
 {
 $tbl = trim($_REQUEST['table']);
 }
 else
 {
 die('Invalid Table!');
 }
 }
 else
 {
 die('Select Table!');
 }
 
 //Check if "column" exists or not in Url's Query String.
 if(ISSET($_REQUEST['column']) &amp;&amp; !empty(trim($_REQUEST['column'])) &amp;&amp; is_string(trim($_REQUEST['column'])))
 {
 if(in_array(trim($_REQUEST['column']),$columns_white_list)) //MySql Tbl Col to search.
 {
 $col = trim($_REQUEST['column']);
 }
 else
 {
 die('Invalid Column!');
 }
 }
 else
 {
 die('Select Column!');
 }
 
 //Check if "search term" exists or not in Url's Query String.
 if(!ISSET($_REQUEST['find']) || empty(trim($_REQUEST['find'])) &amp;&amp; !is_string(trim($_REQUEST['find'])) || !is_int(trim($_REQUEST['find']))) //Using $_REQUEST[] for both $_REQUEST['POST'] &amp; $_REQUEST['REQUEST'].
 {
 die('Enter Keywords to search!');
 }
 else
 {
 if(in_array(trim($_REQUEST['find']),$blacklisted_words)) //Keyword(s) to search.
 {
 die('Your search terms contains a banned word! Try some other keywords');
 }
 else
 {
 $find = trim($_REQUEST['find']); //Not trimming or ridding trailing spaces here as user's keyword (eg. foreign keywords or symbols) may actually contain such spaces. 
 
 <i>	</i>	if($col=='submission_id')
 <i>	</i>	{
 <i>	</i>		if(!is_INT($find))
 <i>	</i>		{
 <i>	</i>			die('Enter a valid Submission Number! Can only be a numerical value.');
 <i>	</i>		}
 <i>	</i>		else
 <i>	</i>		{
 <i>	</i>			$submission_id = $find;
 <i>	</i>		}
 <i>	</i>	}
 <i>	</i> 
 <i>	</i>	if($col=='email')
 <i>	</i>	{
 <i>	</i>		if(!filter_input(INPUT_GET, "email", FILTER_VALIDATE_EMAIL))
 <i>	</i>		{
 <i>	</i>			die('Enter a valid Email!');
 <i>	</i>		}
 <i>	</i>		else
 <i>	</i>		{
 <i>	</i>			$email = $find;
 <i>	</i>		}
 <i>	</i>	}
 <i>	</i> 
 <i>	</i>	if($col=='domain')
 <i>	</i>	{
 <i>	</i>		if(!filter_input(INPUT_GET, "domain", FILTER_VALIDATE_DOMAIN))
 <i>	</i>		{
 <i>	</i>			die('Enter a valid Domain!');
 <i>	</i>		}
 <i>	</i>		else
 <i>	</i>		{
 <i>	</i>			$domain = $find;
 <i>	</i>		}
 <i>	</i>	}
 <i>	</i>	if($col=='url')
 <i>	</i>	{
 <i>	</i>		if(!filter_input(INPUT_GET, "url", FILTER_VALIDATE_URL))
 <i>	</i>		{
 <i>	</i>			die('Enter a valid Url!');
 <i>	</i>		}
 <i>	</i>		else
 <i>	</i>		{
 <i>	</i>			$url = $find;
 <i>	</i>		}
 <i>	</i>	}
 <i>	</i> 
 <i>	</i>	if($col=='anchor')
 <i>	</i>	{
 <i>	</i>		if(!filter_input(INPUT_GET, "anchor", FILTER_VALIDATE_STRING)) //HOW TO VALIDATE STRING ?
 <i>	</i>		{
 <i>	</i>			die('Enter a valid Description!');
 <i>	</i>		}
 <i>	</i>		else
 <i>	</i>		{
 <i>	</i>			$description = $find;
 <i>	</i>		}
 <i>	</i>	}
 <i>	</i> 
 <i>	</i>	if($col=='description')
 <i>	</i>	{
 <i>	</i>		if(!filter_input(INPUT_GET, "description", FILTER_VALIDATE_STRING)) //HOW TO VALIDATE STRING ?
 <i>	</i>		{
 <i>	</i>			die('Enter a valid Description!');
 <i>	</i>		}
 <i>	</i>		else
 <i>	</i>		{
 <i>	</i>			$description = $find;
 <i>	</i>		}
 <i>	</i>	}
 <i>	</i> 
 <i>	</i>	if($col=='keyword')
 <i>	</i>	{
 <i>	</i>		if(!filter_input(INPUT_GET, "keyword", FILTER_VALIDATE_STRING))
 <i>	</i>		{
 <i>	</i>			die('Enter a valid Keyword!');
 <i>	</i>		}
 <i>	</i>		else
 <i>	</i>		{
 <i>	</i>			$keyword = $find;
 <i>	</i>		}
 <i>	</i>	}
 <i>	</i>}
 }
 
 $max = (!empty($_REQUEST['max']) and intval($_REQUEST['max']) &gt; 0)
 ? intval($_REQUEST['max']) : 1;
 
 $page_no = (!empty($_REQUEST['page']) and intval($_REQUEST['page']) &gt; 0)
 ? intval($_REQUEST['page']) : 1;
 
 //SECTION: QUERY DATABASE FOR KEYWORD COUNT.
 $query = "SELECT COUNT(id) From links WHERE keyword = ?";
 $stmt = mysqli_stmt_init($conn);
 if(mysqli_stmt_prepare($stmt,$query))
 {
 mysqli_stmt_bind_param($stmt,'s',$find);
 mysqli_stmt_execute($stmt);
 mysqli_stmt_bind_result($stmt,$row_count);
 if(mysqli_stmt_fetch($stmt))
 {
 echo 'Row Count: ' .$row_count; echo '&lt;br&gt;'; 
 }
 else
 {
 echo 'Record fetching failed!';
 echo 'Error: ' .mysqli_stmt_error($conn);
 echo 'Error: ' .mysqli_stmt_errno($conn);
 }
 mysqli_stmt_close($stmt);
 }
 else
 {
 echo 'find Preparation Failed!';
 }
 //mysqli_close($conn);
 echo '&lt;b&gt;'; echo __LINE__; echo '&lt;/b&gt;'; echo '&lt;br&gt;';
 
 
 //SECTION: QUERY DATABASE FOR SEARCH-TERM MATCHES.
 echo $offset = ($page*$max)-$max; echo '&lt;br&gt;';
 $query = "SELECT id,date_and_time,name,age,zip,phone,mobile,fax,email,domain,url,description From links WHERE $tbl = ? LIMIT $offset,$max";
 $stmt = mysqli_stmt_init($conn);
 if(mysqli_stmt_prepare($stmt,$query))
 {
 mysqli_stmt_bind_param($stmt,'s',$find);
 mysqli_stmt_execute($stmt);
 if($result = mysqli_stmt_get_result($stmt))
 {
 $columns = mysqli_fetch_array($result);
 
 <i>	</i>	$submission_id = $columns['id'];
 <i>	</i>	$submission_date_and_time = $columns['date_and_time'];
 <i>	</i>	$email = $columns['email'];
 <i>	</i>	$domain = $columns['domain'];
 <i>	</i>	$url = $columns['url'];
 <i>	</i>	$anchor = $columns['anchor'];
 <i>	</i>	$description = $columns['description'];
 <i>	</i>	$keyword = $columns['keyword']; 
 <i>	</i> 
 <i>	</i>	echo 'Submission Id: ' .$submission_id; echo '&lt;br&gt;';
 <i>	</i>	echo 'Submission Date And Time: ' .$submission_date_and_time; echo '&lt;br&gt;';
 <i>	</i>	echo 'Email: ' .$email; echo '&lt;br&gt;';
 <i>	</i>	echo 'Domain: ' .$domain; echo '&lt;br&gt;';
 <i>	</i>	echo 'Url: ' .$url; echo '&lt;br&gt;';
 <i>	</i>	echo 'Anchor: ' .$anchor; echo '&lt;br&gt;';
 <i>	</i>	echo 'Description: ' .$description; echo '&lt;br&gt;';
 <i>	</i>	echo 'Keyword: ' .$keyword; echo '&lt;br&gt;';
 <i>	</i>	//WHICH OF THE FOLLOWING TWO ECHOES IS BEST ?
 <i>	</i>	echo 'Link: &lt;a href=' .'"' .strip_tags($url) .'"' .'&gt;' .'&lt;b&gt;' .strip_tags($url) .'&lt;/b&gt;' .'&lt;/a&gt;'; echo '&lt;br&gt;'; //Need to add your aided code on this line before echoing third party submitted links on my page. Your code needs to detect url structure and break them up into pieces and apply the appropriate php function (urlencode(), raw_urlencode(), htmlentities(), htmlspecialchars(), intval() on the appropriate pieces.
 <i>	</i>	echo 'Link: &lt;a href=' .'"' .htmlspecialchars($url) .'"' .'&gt;' .'&lt;b&gt;' .htmlspecialchars($url) .'&lt;/b&gt;' .'&lt;/a&gt;'; echo '&lt;br&gt;'; //Need to add your aided code on this line before echoing third party submitted links on my page. Your code needs to detect url structure and break them up into pieces and apply the appropriate php function (urlencode(), raw_urlencode(), htmlentities(), htmlspecialchars(), intval() on the appropriate pieces.
 <i>	</i>}
 <i>	</i>else
 <i>	</i>{
 <i>	</i>	//Error Messages for Production Mode only.
 <i>	</i>	echo 'Record fetching failed!';
 <i>	</i>	echo 'Error: ' .mysqli_stmt_error($stmt);
 <i>	</i>	echo 'Error: ' .mysqli_stmt_errno($stmt);
 <i>	</i>}
 <i>	</i>mysqli_stmt_close($stmt);
 }
 mysqli_close($conn);
 
 
 //SECTION: PAGINATION SECTION TO NUMBER THE SERPS AND LINK THEM.
 $total_pages = ceil($row_count/$max);
 //Grab the current page's url.
 $selfpage = basename(__FILE__,''); //Echoes: url_encode_Template.php. Does not fetch the url's query terms (params &amp; their values absent).
 //Encode the File Path.
 $path = rawurlencode($selfpage);
 //Encode the Query String in the url.
 $query_string_1 = '?find=' .urlencode($find) .'&amp;table=' .urlencode($table) .'&amp;column=' .urlencode($column) .'&amp;max=' .intval($max);
 
 //1. WHICH WHILE LOOP IS BEST ?
 $i = '1';
 while($i&lt;=$total_pages)
 {
 $query_string_2 = '&amp;page=' .intval($i);
 $url = $path .htmlentities($query_string_1) .htmlentities($query_string_2); //Full URL With $_REQUEST params (Query Strings): https://localhost/Templates/url_encode_Template.php?find=keyword&amp;tbl=links&amp;col=keyword&amp;max=100&amp;page=1
 
 <i>	</i>if($page == $i)
 <i>	</i>{
 <i>	</i>	//Bold the current Page numbered link.
 <i>	</i>	echo '&lt;a href=' .'"' .$url .'"' .'&gt;' .'&lt;b&gt;' .intval($i) .'&lt;/b&gt;' .'&lt;/a&gt;';
 <i>	</i>}
 <i>	</i>else
 <i>	</i>{
 <i>	</i>	echo '&lt;a href=' .'"' .$url .'"' .'&gt;' .intval($i) .'&lt;/a&gt;';
 <i>	</i>}
 <i>	</i>$i++;
 }
 
 echo '&lt;br&gt;';
 
 //2. WHICH WHILE LOOP IS BEST ?
 $i = '1';
 while($i&lt;=$total_pages)
 {
 $query_string_2 = '&amp;page=' .intval($i);
 
 <i>	</i>if($page == $i)
 <i>	</i>{
 <i>	</i>	//Bold the current Page numbered link.
 <i>	</i>	echo '&lt;a href=' .'"' ."$path" .htmlentities($query_string_1) .htmlentities($query_string_2) .'"' .'&gt;' .'&lt;b&gt;' .intval($i) .'&lt;/b&gt;' .'&lt;/a&gt;';
 <i>	</i>}
 <i>	</i>else
 <i>	</i>{
 <i>	</i>	echo '&lt;a href=' .'"' ."$path" .htmlentities($query_string_1) .htmlentities($query_string_2) .'"' .'&gt;' .intval($i) .'&lt;/a&gt;';
 <i>	</i>}
 <i>	</i>$i++;
 }
 
 //3. WHICH WHILE LOOP IS BEST ?
 $i = '1';
 while($i&lt;=$total_pages)
 {
 $query_string_2 = '&amp;page=' .intval($i);
 $url = $path .$query_string_1 .$query_string_2; //Full URL With $_REQUEST params (Query Strings): https://localhost/Templates/url_encode_Template.php?find=keyword&amp;tbl=links&amp;col=keyword&amp;max=100&amp;page=1
 
 <i>	</i>if($page == $i)
 <i>	</i>{
 <i>	</i>	//Bold the current Page numbered link.
 <i>	</i>	echo '&lt;a href=' .'"' .htmlspecialchars($url) .'"' .'&gt;' .'&lt;b&gt;' .intval($i) .'&lt;/b&gt;' .'&lt;/a&gt;';
 <i>	</i>}
 <i>	</i>else
 <i>	</i>{
 <i>	</i>	echo '&lt;a href=' .'"' .htmlspecialchars($url) .'"' .'&gt;' .intval($i) .'&lt;/a&gt;';
 <i>	</i>}
 <i>	</i>$i++;
 }
 
 echo '&lt;br&gt;';
 
 //4. WHICH WHILE LOOP IS BEST ?
 $i = '1';
 while($i&lt;=$total_pages)
 {
 $query_string_2 = '&amp;page=' .intval($i);
 $url = $path .htmlentities($query_string_1) .htmlentities($query_string_2); //Full URL With $_REQUEST params (Query Strings): https://localhost/Templates/url_encode_Template.php?find=keyword&amp;tbl=links&amp;col=keyword&amp;max=100&amp;page=1
 
 <i>	</i>if($page == $i)
 <i>	</i>{
 <i>	</i>	//Bold the current Page numbered link.
 <i>	</i>	echo '&lt;a href=' .'"' .htmlspecialchars($url) .'"' .'&gt;' .'&lt;b&gt;' .intval($i) .'&lt;/b&gt;' .'&lt;/a&gt;';
 <i>	</i>}
 <i>	</i>else
 <i>	</i>{
 <i>	</i>	echo '&lt;a href=' .'"' .htmlspecialchars($url) .'"' .'&gt;' .intval($i) .'&lt;/a&gt;';
 <i>	</i>}
 <i>	</i>$i++;
 }
 
 echo '&lt;br&gt;';
 
 ?&gt;

I am talking about the codes under these comments:

**//1. WHICH WHILE LOOP IS BEST ?

//2. WHICH WHILE LOOP IS BEST ?

//3. WHICH WHILE LOOP IS BEST ?

//4. WHICH WHILE LOOP IS BEST ?**

Notice how I made use of the htmlspecialchars() and htmlentites() on them. On which WHILE Loop I unnecessarily made use of them functions ?

QUESTION: Can you spot any other bad coding on my code ?

@developer_webauthorJul 23.2021 — #@DaveyErwin

Do you prefer to use htmlentities() or htmlspecialchars() ?

Anyway, on this thread, what I really need to know is which WHILE loop is best because I did the htmlentities() on it properly.

@NogDogJul 23.2021 — #You probably do not want to use htmlentities() at all, as the URL query string will then be malformed:

<i>
 </i>19:27 $ php -a
 Interactive shell
 
 php &gt; $url = 'https://localhost/Templates/url_encode_Template.php?find=keyword&amp;tbl=links&amp;col=keyword&amp;max=100&amp;page=1';
 php &gt; echo htmlentities($url);
 https://localhost/Templates/url_encode_Template.php?find=keyword&amp;amp;tbl=links&amp;amp;col=keyword&amp;amp;max=100&amp;amp;page=1
 php &gt;

@developer_webauthorJul 25.2021 — #@NogDog#1634654

Thanks for bringing that to my attention.

I believe I should not be using htmlentities() or htmlspecialchars() on urls that are urlencode(). Hence this is my latest update. I'd like your feed-back on it now .....


 //SECTION: PAGINATION SECTION TO NUMBER THE SERPS AND LINK THEM.
 $total_pages = ceil($row_count/$max);
 //Grab the current page's url.
 $selfpage = basename(__FILE__,''); //Echoes: url_encode_Template.php. Does not fetch the url's query terms (params & their values absent).
 //Encode the File Path.
 $path = rawurlencode($selfpage);
 //Encode the Query String in the url.
 $query_string_1 = '?find=' .urlencode($find) .'&table=' .urlencode($table) .'&column=' .urlencode($column) .'&max=' .intval($max);
 
 $i = '1';
 while($i<=$total_pages)
 {
 $query_string_2 = '&page=' .intval($i);
 $url = $path .$query_string_1 .$query_string_2; //Full URL With $_REQUEST params (Query Strings): https://localhost/Templates/url_encode_Template.php?find=keyword&tbl=links&col=keyword&max=100&page=1
 
 if($page == $i)
 {
 //Bold the current Page numbered link.
 echo '<a href=' .'"' .$url .'"' .'>' .'<b>' .intval($i) .'</b>' .'</a>';
 }
 else
 {
 echo '<a href=' .'"' .$url .'"' .'>' .intval($i) .'</a>';
 }
 $i++;
 }

@developer_webauthorJul 25.2021 — #@NogDog

Do you see any other code errors on my original post apart from the htmlentities() you addressed earlier ? My html5 and other parts of php code is ok or not. That's what I am asking.

Thanks!

@developer_webauthorJul 25.2021 — #Folks,

I am told:

" It's pointless to use both isset() && !empty() in the same if. Just using !empty() is enough. ".

So it seems these are pointless:

1.

``<i>
 </i>if(ISSET($_REQUEST['table']) &amp;&amp; !empty(trim($_REQUEST['table'])) &amp;&amp; is_string(trim($_REQUEST['table'])))<i>
 </i>`</CODE>
 
 2.
 <CODE>`<i>
 </i>if(ISSET($_REQUEST['column']) &amp;&amp; !empty(trim($_REQUEST['column'])) &amp;&amp; is_string(trim($_REQUEST['column'])))<i>
 </i>``


 if(!ISSET($_REQUEST['find']) || empty(trim($_REQUEST['find'])) && !is_string(trim($_REQUEST['find'])) || !is_int(trim($_REQUEST['find'])))

Is this correct ? That they are pointless ? I am told to just use the !empty().

@NogDogJul 25.2021 — #> @developer_web#1634688 I am told to just use the !empty().

Easily answered by reading https://www.php.net/empty

> That means empty() is essentially the concise equivalent to !isset($var) || $var == false.

@developer_webauthorJul 25.2021 — #@NogDog#1634693

Thanks NogDog! That link lead to another link:

https://www.php.net/manual/en/types.comparisons.php

Comparison Table there would be handy for my tests. Check the Table to understand what I'm on about.

@developer_webauthorJul 25.2021 — #@NogDog

So, is my updated code ok now then ?

https://www.webdeveloper.com/d/395615-htmlentities-used-correctly-or-not/5

And do you see any other errors on my code on my original post apart from the htmlentities() and htmlspecialchars() messes I made ?

https://www.webdeveloper.com/d/395615-htmlentities-used-correctly-or-not

Also in #PHP _↴

image quality How to Solve this problem ! Help Me!what should i do....

Success!

Help @developer_web spread the word by sharing this article on Twitter...

Tweet This

htmlentities() Used Correctly Or Not ?

9 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

htmlentities() Used Correctly Or Not ?

9 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

9 Comments(s) _↴

Also in #PHP _↴