What's the best practice to set html attribute via PHP?

html php

Solution 1:

You always want to HTML-encode things inside HTML attributes, which you can do with htmlspecialchars:

<span title="<?php echo htmlspecialchars($variable); ?>">

You probably want to set the second parameter ($quote_style) to ENT_QUOTES.

The only potential risk is that $variable may already be encoded, so you may want to set the last parameter ($double_encode) to false.

Solution 2:

Well, before you output any text into HTML you should escape it using htmlspecialchars(). So just make sure (double) quote is correctly changed.

Pay attention to the second parameter of that function.

Related

WPF WindowStartupLocation="CenterOwner" not really center, and pops all over, why?
Haskell lightweight threads overhead and use on multicores
How to print +1 in Python, as +1 (with plus sign) instead of 1?
Continuing test execution in junit4 even when one of the asserts fails
How would you implement a "trait" design-pattern in C#?
Jackson - best way writes a java list to a json array
AttributeError: 'module' object (scipy) has no attribute 'misc'
How to compile and execute from memory directly?
One line if/else condition in linux shell scripting
Flush all cache in Laravel 4
Howdo I tell which kernel modules are required?
Tools for Troubleshooting SAN Performance Bottlenecks