function decode_entities

You are here

7 decode_entities($text)
4.6 decode_entities($text, $exclude = array())
4.7 decode_entities($text, $exclude = array())
5 decode_entities($text, $exclude = array())
6 decode_entities($text, $exclude = array())
8 decode_entities($text)

Decodes all HTML entities (including numerical ones) to regular UTF-8 bytes.

Double-escaped entities will only be decoded once ("&amp;lt;" becomes "&lt;", not "<"). Be careful when using this function, as decode_entities can revert previous sanitization efforts (&lt;script&gt; will become <script>).


$text: The text to decode entities in.

$exclude: An array of characters which should not be decoded. For example, array('<', '&', '"'). This affects both named and numerical entities.

Return value

The input $text, with all HTML entities decoded once.

9 calls to decode_entities()
db_connect in includes/
Initialize a database connection.
drupal_html_to_text in includes/
Transform an HTML string into plain text, preserving the structure of the markup. Useful for preparing the body of a node to be sent by e-mail.
filter_xss_bad_protocol in modules/filter/filter.module
Processes an HTML attribute value and ensures it does not contain an URL with a disallowed protocol (e.g. javascript:)
format_rss_channel in includes/
Formats an RSS channel.
locale_string_is_safe in includes/
Check that a string is safe to be added or imported as a translation.

... See full list


includes/, line 336


function decode_entities($text, $exclude = array()) {
  static $html_entities;
  if (!isset($html_entities)) {
    include_once './includes/';

  // Flip the exclude list so that we can do quick lookups later.
  $exclude = array_flip($exclude);

  // Use a regexp to select all entities in one pass, to avoid decoding 
  // double-escaped entities twice. The PREG_REPLACE_EVAL modifier 'e' is
  // being used to allow for a callback (see 
  return preg_replace('/&(#x?)?([A-Za-z0-9]+);/e', '_decode_entities("$1", "$2", "$0", $html_entities, $exclude)', $text);