3v4l.org

run code in 300+ PHP versions simultaneously
<?php $x = "\xC2<script+%C2>alert(1);//%C2</script+%C2>"; function mb_htmlescape($s) { mb_regex_encoding('UTF-8'); $s = mb_ereg_replace('&', '&amp;', $s); $s = mb_ereg_replace('<', '&lt;', $s); $s = mb_ereg_replace('>', '&gt;', $s); $s = mb_ereg_replace('"', '&quot;', $s); return $s; } echo mb_htmlescape($x); echo htmlspecialchars($x);

preferences:
42.8 ms | 402 KiB | 5 Q