htmlspecialchar and Japanese

Zenoxio · 13-May-2008, 03:46 PM #1

I have a site where a user can enter data into a field, which is then stored into a database. I am using htmlspecialchar and addslashes to prevent XSS and SQL injection.

The problem is that if I enter Japanese characters, htmlspecialchar ends up doing something wrong to them. I think the chars are stored via Unicode, and it's taking the & and changing it into & which is then unrendering the Japanese when it is displayed on the webpage.

Any clues how I should go about this?

brendandonhu · 14-May-2008, 12:51 PM #2

Have you tried setting the charset parameter to htmlspecialchars()? It should be SJIS or EUCJP for Japanese: http://php.net/htmlspecialchars

Zenoxio · 14-May-2008, 12:57 PM #3

Is that okay to do if the data is primarily English, but may contain Japanese?

brendandonhu · 14-May-2008, 10:32 PM #4

It should be whatever character set the data is encoded with, I suppose you'd have to try it and see if it works for your data.

Zenoxio · 15-May-2008, 08:53 AM #5

How would I check what char set the data is? Do you mean the input box? That doesn't have a char set on it (that I specifically set).

brendandonhu · 15-May-2008, 06:28 PM #6

The character set is what the user enters in the input box. I am not really sure if setting it to Japanese in htmlspecialchars() will fix this problem, but it's worth trying.

Search
Search in:
Show Threads Show Posts
Advanced Search

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)