'ello all.

I am trying to preform a regex to make sure that valid input is entered, but htmlentities and htmlspcialchars don't seem to translate the dollar sign ($) into it's corresponding HTML code (&# 36; ) (spaces added due to board translation of HTML code)

Could someone point me in the right direction?

$_POST['webCurrency'] = "& #36;"; // posted from form with value & # 36; without spaces
$currency = htmlspecialchars(trim($_POST['webCurrency']));
    echo 'CURRENCY -> '.$currency; //outputs $
$currency = htmlentities(trim($_POST['webCurrency']));
    echo 'CURRENCY -> '.$currency; //outputs $

TIA!

    Well, no. There's nothing special in HTML about a $ sign. Why does this need [man]str_replace[/man] used on it more than, say, .?

      Thanks for that.

      What about Yen, Euro, etc... is there a listing/web page somewhere of what is "special" and what isn't?

      edit

      Removing the regex and checking that the posted var is 1 char worked ... with $, pound, euro, yen and currency symbol.

      I would still like to know if there is something I can read to clarify this in the future though. 🙂

        Characters that are regarded as "special" in HTML are &, <, >, ' and " - in other words, those that can be mapped using htmlspecialchars. & because it's the entity escape character, < and > because they delimit tags, and ' and " because they delimit attribute values.

        If it's a list of entities you want, it's part of the HTML specification

          That's exactly what I was looking for.

          Thank you.

            Write a Reply...