htmlentities destroys utf-8 strings

Question

I got something weird happening here and I can\'t understand why, on my php 5.2.5 server (Just on Linux ,Windows php servers doesn\'t have same problem) When I use a POST F

Answer 1

In version 5.4.0 the default value for the encoding parameter was changed to UTF-8.

Source: Manual

Answer 2

htmlspecialchars($str, ENT_QUOTES, "UTF-8")

This is also better at preventing xss than just htmlentities()

Answer 3

From php manual : htmlentities() takes an optional third argument encoding which defines encoding used in conversion. From PHP 5.6.0, default_charset value is used as default. From PHP 5.4.0, UTF-8 is the default. PHP prior to 5.4.0, ISO-8859-1 is used as the default. Although this argument is technically optional, you are highly encouraged to specify the correct value for your code.

Answer 4

The only way to change htmlentities()'s encoding is specifying it in its third parameter.

There is no way to change the default encoding. Prior to PHP 5.4 It is always iso-8859-1.

This was changed in PHP 5.4 however and is now always utf-8

Answer 5

And if you don't want to worry about so many different charset codings or if htmlentities doesn't work for you, here the alternative: I used mysqli DB connection (and PHPV5) Form post for writing/inserting to MySQl DB.

$Notes = $_POST['Notes']; //can be text input or textarea.

$charset = mysqli_character_set_name($link);  //mysqli connection
printf ("To check your character set but not necessary %s\n",$charset);  

$Notes = str_replace('"', '"', $Notes);  //double quotes for mailto: emails.  
$von = array("ä","ö","ü","ß","Ä","Ö","Ü"," ","é");  //to correct double whitepaces as well
$zu  = array("ä","ö","ü","ß","Ä","Ö","Ü"," ","é");  
$Notes = str_replace($von, $zu, $Notes);  
echo " Notes:".$Notes."<br>" ;  
$Notes = mysqli_real_escape_string($link, $Notes); //for mysqli DB connection.
// Escapes special characters in a string for use in an SQL statement

echo " Notes:".$Notes ;  //ready for inserting