3v4l.org

run code in 300+ PHP versions simultaneously
<?php // // What ENT_* should I use for htmlspecialchars? // $text = '&"\'<> '; // This is insecure! echo "DEFAULT: " . htmlspecialchars($text, ENT_HTML401 | ENT_COMPAT, 'UTF-8') . "\n"; // This is insecure! echo "ENT_HTML5: " . htmlspecialchars($text, ENT_HTML5, 'UTF-8') . "\n"; // This is good echo "ENT_QUOTES: " . htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "\n";
Output for 5.6.0 - 5.6.40, 7.0.0 - 7.0.33, 7.1.0 - 7.1.33, 7.2.0 - 7.2.34, 7.3.0 - 7.3.33, 7.4.0 - 7.4.33, 8.0.0 - 8.0.30, 8.1.0 - 8.1.31, 8.2.0 - 8.2.26, 8.3.0 - 8.3.15, 8.4.1 - 8.4.2
DEFAULT: &amp;&quot;'&lt;&gt; ENT_HTML5: &amp;"'&lt;&gt; ENT_QUOTES: &amp;&quot;&#039;&lt;&gt;

preferences:
77.41 ms | 408 KiB | 5 Q