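htmlspecialchars converts only the few HTML characters listed below, whereas htmlentities converts every character that has an HTML entity, and it also converts the Chinese characters it cannot recognize.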
- '&' (ampersand) becomes '&amp;amp;'
- '"' (double quote) becomes '&amp;quot;' when ENT_NOQUOTES is not set.
- ''' (single quote) becomes '&amp;#039;' only when ENT_QUOTES is set.
- '<' (less than) becomes '&amp;lt;'
- '>' (greater than) becomes '&amp;gt;'
Conclusion: when the text contains Chinese, it is best to use htmlspecialchars; otherwise the output may be garbled.
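
The difference described above, as an added PHP example that is not part of the original post. The sample string is constructed, `escape_html` and `is_valid_utf8` are hypothetical helper names, and the file is assumed to be saved as UTF-8.

```php
<?php
declare(strict_types=1);

// Constructed sample: Chinese text, markup, an ampersand and both quote styles.
$input = "中文 <a href='x' title=\"t\">Tom & Jerry</a>";

// Hypothetical helper: escape for HTML text and quoted-attribute contexts.
// ENT_QUOTES covers ' as well as "; ENT_SUBSTITUTE replaces invalid byte
// sequences with U+FFFD instead of returning an empty string.
function escape_html(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401, 'UTF-8');
}

// True when $s is well-formed UTF-8 (the /u modifier rejects invalid input).
function is_valid_utf8(string $s): bool
{
    return preg_match('//u', $s) === 1;
}

// 1. htmlspecialchars: the quote flag decides which quotes are converted.
$flags = ['ENT_COMPAT' => ENT_COMPAT, 'ENT_QUOTES' => ENT_QUOTES, 'ENT_NOQUOTES' => ENT_NOQUOTES];
foreach ($flags as $name => $flag) {
    printf("%-12s %s\n", $name, htmlspecialchars($input, $flag | ENT_HTML401, 'UTF-8'));
}

// 2. htmlentities with the correct charset leaves the Chinese text alone,
//    because those characters have no named HTML 4.01 entity.
$ok = htmlentities($input, ENT_QUOTES | ENT_HTML401, 'UTF-8');

// 3. htmlentities told the bytes are ISO-8859-1 treats every UTF-8 byte as a
//    separate Latin-1 character and rewrites the ones that have entities.
$bad = htmlentities($input, ENT_QUOTES | ENT_HTML401, 'ISO-8859-1');

printf("utf-8 charset:   %s (valid UTF-8: %s)\n", $ok, var_export(is_valid_utf8($ok), true));
printf("latin-1 charset: %s (valid UTF-8: %s)\n", $bad, var_export(is_valid_utf8($bad), true));
printf("escape_html:     %s\n", escape_html($input));
```

Passing the charset explicitly matters because the default for both functions was ISO-8859-1 before PHP 5.4 and UTF-8 from 5.4 on; the single-quote case matters whenever escaped data lands inside a single-quoted attribute.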
More: https://www.shanhubei.com/archives/55214.html