htmlspecialchars 只转化下面这几个html代码,而 htmlentities 却会转化所有的html代码,连同里面的它无法识别的中文字符也给转化了。
'&' (ampersand) becomes '&'
'"' (double quote) becomes '"' when ENT_NOQUOTES is not set.
''' (single quote) becomes ''' only when ENT_QUOTES is set.
'<' (less than) becomes '<'
'>' (greater than) becomes '>'
结论是,有中文的时候,最好用 htmlspecialchars ,否则可能乱码