6

I have a string in my code as per the following example:

<?php
$find = '<tag';
$string = 'blah blah <tag=something>';
?>

Simple enough, but when I try to echo the strings, it's not liking the < or > characters. All that get's echo'ed is:

blah blah

So, basically i'm guessing I need to escape these characters to get them to work in PHP but im not sure exactly how. I'm using this for a templating system, so in the html file a file can be included by using:

<include="filename.html">

So I don't need to show the < and > characters on the screen at any time, I just need to read the file, find the instances of these tags and do some magic. I've got all of that part working but It's just any string that contains more than / less than operators that don't seem to work OK.

Any ideas?

Improve this question
4
  • Are you viewing the source of the page, or just seeing the visual result that the browser is showing you?
    – Jared Farrish
    Commented Nov 21, 2011 at 3:48
  • The < and > don't ever have to be displayed to screen, it's simply stored in a string variable.
    – Amo
    Commented Nov 21, 2011 at 4:19
  • possible duplicate of Print less-than and greater-than symbols in PHP
    – mario
    Commented Nov 21, 2011 at 4:21
  • No PHP strings involved: jsfiddle.net/FX8AP
    – Jared Farrish
    Commented Nov 21, 2011 at 12:57

4 Answers 4

Reset to default
14

With PHP you can generate HTML markup, so you have to find a way to distinguish between HTML element characters ( < & > ). There exist special sequence of characters in HTML that are called HTML entities. Those are described with an ampersand, some sort of shorthand and end with a semi-colon.

Here are some examples:

&gt;     : > (greater-than)
&lt;     : < (less-than)
&amp;    : & (ampersand)
&raquo;  : » (right angle quote marks)
&eacute; : é (e acute)

Almost all characters can be represented with such entities, but it quickly gets tedious. You only have to remember the < and > ones, plus the & for URLs.

Your code should be rewritten like this if your intention was to show the less-than / greater-than signs.

<?php
$find = '&lt;tag';
$string = 'blah blah &lt;tag=something&gt;';
?>

As mentioned in other answers, you can use the function htmlspecialchars() to convert characters in a variable (e.g. from user input).

<?php echo htmlspecialchars($string); ?>

will display blah blah <tag=something> for viewing in a web browser. Else, if you were using PHP on the command line for example, you would not need to use this function.

Improve this answer
5

You need to use HTML characters to avoid it being turned into HTML.

so:

echo htmlspecialchars("<hello>");
Improve this answer
2
  • 4
    From the PHP docs you referenced: Returns a string with backslashes before characters that need to be quoted in database queries etc. What part of that has to do with this question?
    – Jared Farrish
    Commented Nov 21, 2011 at 3:50
  • this function does not effect '<' brackets at all.. This is meant for escaping ' and " inside strings
    – Osama Javed
    Commented Nov 21, 2011 at 3:56
4

Use htmlspecialchars()

echo htmlspecialchars('string you want to echo');
Improve this answer
1

you can use the htmlspecialchars function to escape the < brackets..

Improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.