We do this using the PHP function htmlspecialchars(), which
encodes HTML special characters into HTML entities. In Joomla! when we use
htmlspecialchars(), we are encouraged to specify the quote style ENT_QUOTES.
This ensures that we also encode single quote characters as the HTML entity &#039;:

    $value = "Foo's value is > Bar's value";
    echo htmlspecialchars($value, ENT_QUOTES);

This will produce the following:

    Foo&#039;s value is &gt; Bar&#039;s value

When we are outputting data like this, if the data is coming from an object, we can
use the JOutputFilter::objectHTMLSafe() method. This method executes the
htmlspecialchars() function on all of the public properties of the object:

    $o = new JObject();
    $o->set("name", "Foo's name");
    $o->set("content", "Foo is > Bar");
    JOutputFilter::objectHTMLSafe($o, ENT_QUOTES, 'content');
    print_r($o);

    JObject Object
    (
        [name] => Foo&#039;s name
        [content] => Foo is > Bar
    )

The last two parameters are optional. By default the second parameter, quote type, is
ENT_QUOTES.
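
The following is an added example, not code from the original text or from Joomla! itself. It is stand-alone PHP that contrasts ENT_COMPAT with ENT_QUOTES when a value is placed in a single-quoted attribute, and then imitates the objectHTMLSafe() behaviour described above; the helper name encodePublicProperties() and the use of stdClass in place of JObject are assumptions made for illustration.

```php
<?php
// Added illustration: runs without Joomla!. The helper below is hypothetical
// and only mimics the behaviour the text describes for objectHTMLSafe().

/**
 * Encode every public string property of $obj, except those in $exclude.
 */
function encodePublicProperties(object $obj, int $flags = ENT_QUOTES, array $exclude = []): void
{
    // Called from outside the class, get_object_vars() returns public properties only.
    foreach (get_object_vars($obj) as $key => $val) {
        if (!is_string($val) || in_array($key, $exclude, true)) {
            continue; // non-strings and excluded properties are left untouched
        }
        $obj->$key = htmlspecialchars($val, $flags, 'UTF-8');
    }
}

$value = "Foo's value is > Bar's value"; // the sample string used above

// ENT_COMPAT encodes double quotes but not single quotes, so the apostrophe
// closes a single-quoted attribute early and the rest spills into the tag.
echo "<input value='" . htmlspecialchars($value, ENT_COMPAT, 'UTF-8') . "'>\n";

// ENT_QUOTES encodes both quote styles, so the value stays inside the
// attribute whichever quote character the template uses.
echo "<input value='" . htmlspecialchars($value, ENT_QUOTES, 'UTF-8') . "'>\n";

// Object case: 'content' is excluded, as in the objectHTMLSafe() call above.
$o = new stdClass();
$o->name = "Foo's name";
$o->content = "Foo is > Bar";
encodePublicProperties($o, ENT_QUOTES, ['content']);

// 'name' is now encoded. 'content' is still raw, so if it can hold untrusted
// input it has to be filtered or encoded at the point where it is output.
print_r($o);
```
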