Examples tested against actual runtime. CI re-verifies continuously. Only documented examples are tested.
How to use
Install via yarn add locutus and import:
import { htmlspecialchars_decode } from 'locutus/php/strings/htmlspecialchars_decode'.
Or with CommonJS: const { htmlspecialchars_decode } = require('locutus/php/strings/htmlspecialchars_decode')
Use a bundler that supports tree-shaking so you only ship the functions you actually use.
Vite,
webpack,
Rollup, and
Parcel
all handle this. For server-side use this is less of a concern.
Examples
These examples are extracted from test cases that automatically verify our functions against their native counterparts.
let decoded = string.toString().replace(/</g, '<').replace(/>/g, '>') constOPTS: Readonly<{ ENT_NOQUOTES: number ENT_HTML_QUOTE_SINGLE: number ENT_HTML_QUOTE_DOUBLE: number ENT_COMPAT: number ENT_QUOTES: number ENT_IGNORE: number }> = { ENT_NOQUOTES: 0, ENT_HTML_QUOTE_SINGLE: 1, ENT_HTML_QUOTE_DOUBLE: 2, ENT_COMPAT: 2, ENT_QUOTES: 3, ENT_IGNORE: 4, }
const isOptKey = (value: string): value is keyof typeofOPTS => Object.hasOwn(OPTS, value)
if (quoteStyleValue === 0) { noquotes = true } if (typeof quoteStyleValue !== 'number') { // Allow for a single string or an array of string flags const quoteStyleFlags = (Array.isArray(quoteStyleValue) ? quoteStyleValue : [quoteStyleValue]).map((flag) => String(flag), ) for (const flag of quoteStyleFlags) { // Resolve string input to bitwise e.g. 'PATHINFO_EXTENSION' becomes 4 if (flag === 'ENT_NOQUOTES') { noquotes = true } elseif (isOptKey(flag) && OPTS[flag]) { optTemp |= OPTS[flag] } } quoteStyleValue = optTemp } const resolvedQuoteStyle = typeof quoteStyleValue === 'number' ? quoteStyleValue : optTemp if (resolvedQuoteStyle & OPTS.ENT_HTML_QUOTE_SINGLE) { // PHP doesn't currently escape if more than one 0, but it should: decoded = decoded.replace(/�*39;/g, "'") // This would also be useful here, but not a part of PHP: // string = string.replace(/'|�*27;/g, "'"); } if (!noquotes) { decoded = decoded.replace(/"/g, '"') } // Put this in last place to avoid escape being double-decoded decoded = decoded.replace(/&/g, '&')
if (quoteStyleValue === 0) { noquotes = true } if (typeof quoteStyleValue !== 'number') { // Allow for a single string or an array of string flags const quoteStyleFlags = (Array.isArray(quoteStyleValue) ? quoteStyleValue : [quoteStyleValue]).map((flag) => String(flag), ) for (const flag of quoteStyleFlags) { // Resolve string input to bitwise e.g. 'PATHINFO_EXTENSION' becomes 4 if (flag === 'ENT_NOQUOTES') { noquotes = true } elseif (isOptKey(flag) && OPTS[flag]) { optTemp |= OPTS[flag] } } quoteStyleValue = optTemp } const resolvedQuoteStyle = typeof quoteStyleValue === 'number' ? quoteStyleValue : optTemp if (resolvedQuoteStyle & OPTS.ENT_HTML_QUOTE_SINGLE) { // PHP doesn't currently escape if more than one 0, but it should: decoded = decoded.replace(/�*39;/g, "'") // This would also be useful here, but not a part of PHP: // string = string.replace(/'|�*27;/g, "'"); } if (!noquotes) { decoded = decoded.replace(/"/g, '"') } // Put this in last place to avoid escape being double-decoded decoded = decoded.replace(/&/g, '&')
return decoded }
Improve this function
Locutus is a community effort following
The McDonald's Theory:
we ship first iterations, hoping others will improve them.
If you see something that could be better, we'd love your contribution.