Convert special characters to HTML entities. All untrusted content should be passed through this method to prevent XSS injections.
echo HTML::chars($username);
string Core_HTML::chars( string $value [, boolean $double_encode = bool true ] )
参数列表
参数 类型 描述 默认值 $valuestringString to convert $double_encodebooleanEncode existing entities bool true
string public static function chars($value, $double_encode = true)
{
return @htmlspecialchars((string)$value, ENT_QUOTES, Core::$charset, $double_encode);
}