AbraCadab Ra wrote:
> before inserting into the database I encode the data using the
> htmlspecialchars() function.
> 
> $encReq = htmlspecialchars($req, ENT_QUOTES);
> 
> when I'm displaying it back to the user I had to use the
> following function to convert it back into HTML.

Sounds like you're trying to write this:

http://php.net/html_entity_decode

When you think you need to remove the escaping from something, you're
almost always doing something wrong.

Escaping preserves data in another context, so if you ever need to
remove it, it's a good indication that either you didn't need it in the
first place, or you've chosen the wrong escaping function for a
particular context (e.g., htmlspecialchars() for an SQL query).

Hope that helps.

Chris

-- 
Chris Shiflett
http://shiflett.org/
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
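
The point made in the reply above, shown as an added example that is not part of the original message: store the raw value through a bound parameter (the SQL context) and call htmlspecialchars() only when writing HTML (the output context), so nothing ever needs decoding. It assumes the pdo_sqlite extension; the table, the helper `fetchBody()` and the sample input are constructed for illustration.

```php
<?php
// Added example, not code from the thread. Assumes the pdo_sqlite extension;
// the table, column and sample input are constructed for illustration.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT NOT NULL)');

// Constructed input with HTML and SQL metacharacters.
$req = '<b>O\'Reilly</b> & "friends"';

$insert = $db->prepare('INSERT INTO comments (body) VALUES (:body)');

// Row 1: the approach from the quoted message (HTML-escape before storing).
$insert->execute([':body' => htmlspecialchars($req, ENT_QUOTES, 'UTF-8')]);

// Row 2: store the raw value; the bound parameter covers the SQL context.
$insert->execute([':body' => $req]);

$select = $db->prepare('SELECT body FROM comments WHERE id = :id');

// Hypothetical helper: read one stored body back by id.
function fetchBody(PDOStatement $select, int $id): string
{
    $select->execute([':id' => $id]);
    return (string) $select->fetchColumn();
}

$preEscaped = fetchBody($select, 1);
$raw        = fetchBody($select, 2);

// Row 1 no longer equals the user's data, so every non-HTML consumer
// (search, length checks, plain-text e-mail) sees entities instead of text.
var_dump($preEscaped === $req, $raw === $req);

// Display: escape once, at output, for the HTML context.
echo htmlspecialchars($raw, ENT_QUOTES, 'UTF-8'), "\n";

// Escaping row 1 at output double-encodes it, and printing it unescaped
// is only safe if every writer remembered to escape on the way in.
echo htmlspecialchars($preEscaped, ENT_QUOTES, 'UTF-8'), "\n";
```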
