3v4l.org

run code in 200+ PHP versions simultaneously
<?php // // What ENT_* should I use for htmlspecialchars? // $text = '&"\'<> '; // This is insecure! echo "DEFAULT: " . htmlspecialchars($text, ENT_HTML401 | ENT_COMPAT, 'UTF-8') . "\n"; // This is insecure! echo "ENT_HTML5: " . htmlspecialchars($text, ENT_HTML5, 'UTF-8') . "\n"; // This is good echo "ENT_QUOTES: " . htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "\n";
based on DiF87
Output for 5.4.0 - 7.4.6
DEFAULT: &amp;&quot;'&lt;&gt; ENT_HTML5: &amp;"'&lt;&gt; ENT_QUOTES: &amp;&quot;&#039;&lt;&gt;
Output for 4.3.2 - 5.3.29
Notice: Use of undefined constant ENT_HTML401 - assumed 'ENT_HTML401' in /in/PvRtm on line 8 DEFAULT: &amp;&quot;'&lt;&gt; Notice: Use of undefined constant ENT_HTML5 - assumed 'ENT_HTML5' in /in/PvRtm on line 11 Warning: htmlspecialchars() expects parameter 2 to be long, string given in /in/PvRtm on line 11 ENT_HTML5: Notice: Use of undefined constant ENT_SUBSTITUTE - assumed 'ENT_SUBSTITUTE' in /in/PvRtm on line 14 ENT_QUOTES: &amp;&quot;&#039;&lt;&gt;
Output for 4.3.0 - 4.3.1
Notice: Use of undefined constant ENT_HTML401 - assumed 'ENT_HTML401' in /in/PvRtm on line 8
Process exited with code 139.