PHPprogramming~20 mins

Output escaping with htmlspecialchars in PHP - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Output escaping with htmlspecialchars

📖 Scenario: You are building a simple PHP web page that displays user comments. To keep the page safe from harmful code, you need to escape special characters in the comments before showing them.

🎯 Goal: Create a PHP script that safely displays user comments by using htmlspecialchars to escape special characters.

📋 What You'll Learn

Create an array called comments with exact string values including special HTML characters

Create a variable called escaped_comments to store escaped comments

Use a foreach loop with variables comment to process each comment

Use htmlspecialchars function to escape each comment

Print each escaped comment on a new line using echo

💡 Why This Matters

🌍 Real World

Web developers must escape user input before showing it on web pages to prevent security problems like cross-site scripting (XSS).

💼 Career

Knowing how to safely display user content is essential for backend and full-stack developers working with PHP or any web technology.

Progress0 / 4 steps

Create the comments array

Create an array called comments with these exact string values: 'Hello & welcome!', 'Good morning everyone', and 'Use "quotes" wisely.'

PHP

# Create the comments array with exact values
# Your code here

Need a hint?

Use square brackets [] to create the array and separate strings with commas.

Create the escaped_comments array

Create an empty array called escaped_comments to store the escaped versions of the comments.

PHP

everyone', 'Use "quotes" wisely.'];
# Create an empty array called escaped_comments
# Your code here

Need a hint?

Use [] to create an empty array.

Escape each comment using htmlspecialchars

Use a foreach loop with variable comment to go through $comments. Inside the loop, use htmlspecialchars on $comment and add the result to $escaped_comments.

PHP

everyone', 'Use "quotes" wisely.'];
$escaped_comments = [];
# Use foreach loop to escape each comment
# Your code here

Need a hint?

Use foreach ($comments as $comment) and inside the loop, append escaped comment to $escaped_comments.

Print the escaped comments

Use a foreach loop with variable escaped_comment to go through $escaped_comments. Inside the loop, print each $escaped_comment followed by a line break using echo.

PHP

everyone', 'Use "quotes" wisely.'];
$escaped_comments = [];
foreach ($comments as $comment) {
    $escaped_comments[] = htmlspecialchars($comment);
}
# Print each escaped comment with a line break
# Your code here

Need a hint?

Use echo $escaped_comment . "<br>"; inside the loop to print each escaped comment on its own line.