In my string I have quotes (', ") and <tags>. I used
htmlspecialchars($str, ENT_QUOTES);
to convert only the single and double quotes to general text. But unfortunately it is also converting the tags < and >. For this reason, even though I have
strip_tags("$desc", "<b><font><i><u><br>");
those allowed tags are also displayed as general < and > signs, not working as HTML tags.
In conclusion, I want to display single and double quotes as regular text and have the allowed tags work as HTML does.
Thank you.
Why don't you run strip_tags() before htmlspecialchars()?
Sample:
<?php
$input = '<b>allowed tag</b> " <font>not allowed tag</font>';
// XXX: escaping first turns every tag into text, so strip_tags() finds nothing to strip
$tmp = htmlspecialchars($input, ENT_QUOTES);
$result = strip_tags($tmp, '<b>');
var_dump($result);
// string(78) "&lt;b&gt;allowed tag&lt;/b&gt; &quot; &lt;font&gt;not allowed tag&lt;/font&gt;"
// Improved: strip the disallowed tags first, then escape
$tmp = strip_tags($input, '<b>');
$result = htmlspecialchars($tmp, ENT_QUOTES);
var_dump($result);
// string(53) "&lt;b&gt;allowed tag&lt;/b&gt; &quot; not allowed tag"
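
An added example, not part of the thread above: one way to get what the question asks for is to strip disallowed tags, escape everything, and then re-enable only allowed tags that carry no attributes, since strip_tags() keeps any attributes on the tags it allows. The helper name render_limited_html(), the tag list and the sample input are assumptions made for this illustration.

```php
<?php
// Added example, not from the thread. render_limited_html() is a hypothetical helper.
function render_limited_html(string $input, array $allowed = ['b', 'i', 'u', 'br']): string
{
    // 1. Drop every tag that is not on the allowlist (the text inside it is kept).
    $allowedList = '<' . implode('><', $allowed) . '>';
    $stripped = strip_tags($input, $allowedList);

    // 2. Escape everything, so quotes and all remaining markup become plain text.
    $escaped = htmlspecialchars($stripped, ENT_QUOTES, 'UTF-8');

    // 3. Re-enable only bare allowed tags such as <b>, </b>, <br> or <br />.
    //    A tag that carries attributes does not match and stays escaped,
    //    so the browser shows it as text instead of interpreting it.
    $names = implode('|', array_map(fn($t) => preg_quote($t, '~'), $allowed));
    return preg_replace('~&lt;(/?)(' . $names . ')\s*(/?)&gt;~i', '<$1$2$3>', $escaped);
}

// Constructed sample input: quotes, an allowed tag, a disallowed tag,
// and an allowed tag with an attribute.
$input = '<b>bold</b> it\'s "quoted" <font>dropped tag</font> <b onclick="x()">attr</b><br />';
echo render_limited_html($input), "\n";
```

Only the allowlisted tag names are ever written back as markup, so extending the list to tags that need attributes (for example links) requires validating those attributes separately rather than widening the pattern.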