- htmlspecialchars: documentation ( source)
<?
echo("<p>Search results for query: ",
$_GET['query'] . ".</p>");
?>
<?
echo("<p>Search results for query: ",
htmlspecialchars($_GET['query']) . ".</p>");
?>
<?php
if (isset($_GET['query']))
{
echo '<p>Search results for query: ',
htmlspecialchars($_GET['query'], ENT_QUOTES), '.</p>';
}
?>