Best way to remove all but the 5 predefined HTML entities with PHP - for XHTML5 output_问答_开发者

Best way to remove all but the 5 predefined HTML entities with PHP - for XHTML5 output

开发者 https://www.devze.com 2023-03-13 15:27 出处：网络

I\'m currently experimenting with delivering XHTML5. Currently I deliver XHTML 1.1 Strict on the page I\'m working on. That is I do for capable browsers. For those who don\'t accept XML encoded data I

相关专题：php

I'm currently experimenting with delivering XHTML5. Currently I deliver XHTML 1.1 Strict on the page I'm working on. That is I do for capable browsers. For those who don't accept XML encoded data I fall back to HTML4.1 strict.

In experimenting with using HTML5 for either, when delivering as HTML5 all works more or less as expected. The first issue I have when delivering as XHTML5 however is with the HTML entities. FF4 sais ü is an undefined entity. Because there is no HTML5 DTD.

I read that the HTML5 wiki currently recommends:

Do not use entity references in XHTML (except for the 5 predefined entities: &, <, >, " and ')

I do need <, > at certain places. Hence my Question is what is the best way in PHP to decode all but the five entities named above. html_entity_decode() decodes all of them, so is there 开发者_如何学JAVAa reasonable way to exclude some?

UPDATE:

I went with a simple replace / replace back approach for the moment, so unless there really is an elegant way the question is solved enough for my immediate needs.

function non_html5_entity_decode($string)
{
    $string = str_replace("&amp;",'@@@AMP',
                        str_replace("&apos;",'@@@APOS',
                        str_replace("&lt;",'@@@LT',
                        str_replace("&gt;",'@@@GT',
                        str_replace("&quot;",'@@@QUOT',$string)))));
    $string = html_entity_decode($string);
    $string = str_replace('@@@AMP',"&amp;",
                        str_replace('@@@APOS',"&apos;",
                        str_replace('@@@LT',"&lt;",
                        str_replace('@@@GT',"&gt;",
                        str_replace('@@@QUOT',"&quot;",$string)))));
    return $string;
}

PAY ATTENTION on universal convertions: the use of html_entity_decode with default parameters not remove all named entities, only the few defined by old HTML 4.01 standard. So entities like ©(©) will by converted; but some like +(+), not. To convert ALL named entities use the ENT_HTML5 in the second parameter (!).

Also, if destination encode not is UTF8, can not recive the superior (to 255) names, like &Ascr;(𝒜) thar is 119964>255.

So, to convert "ALL POSSIBLE NAMED ENTITIES", you MUST use html_entity_decode($s,ENT_HTML5,'UTF-8') but it is valid only with PHP5.3+, where the flag ENT_HTML5 was implemented.

In the particular case of this question, must use also flag ENT_NOQUOTES instead the default ENT_COMPAT, so , must use html_entity_decode($s,ENT_HTML5|ENT_NOQUOTES,'UTF-8')

PS (edited): thanks to @BoltClock to remember about PHP5.3+.

I think a html_entity_decode() followed by a htmlspecialchars() is the easiest way to go.

It won't convert ' though - to get that, you'd have to do htmlspecialchars() first, and then convert ' into &apos.