4.6.x common.inc decode_entities($text, $exclude = array())
4.7.x unicode.inc decode_entities($text, $exclude = array())
5.x unicode.inc decode_entities($text, $exclude = array())
6.x unicode.inc decode_entities($text, $exclude = array())
7.x unicode.inc decode_entities($text)

Decodes all HTML entities (including numerical ones) to regular UTF-8 bytes.

Double-escaped entities will only be decoded once ("&amp;lt;" becomes "&lt;", not "<"). Be careful when using this function, as decode_entities can revert previous sanitization efforts (&lt;script&gt; will become <script>).


$text: The text to decode entities in.

$exclude: An array of characters which should not be decoded. For example, array('<', '&', '"'). This affects both named and numerical entities.

Return value

The input $text, with all HTML entities decoded once.

8 calls to decode_entities()
db_connect in includes/database.pgsql.inc
Initialize a database connection.
filter_xss_bad_protocol in includes/bootstrap.inc
Processes an HTML attribute value and ensures it does not contain an URL with a disallowed protocol (e.g. javascript:)
format_rss_channel in includes/common.inc
Formats an RSS channel.
locale_string_is_safe in includes/locale.inc
Check that a string is safe to be added or imported as a translation.
search_simplify in modules/search/search.module
Simplifies a string according to indexing rules.

... See full list


includes/unicode.inc, line 336


function decode_entities($text, $exclude = array()) {
  static $html_entities;
  if (!isset($html_entities)) {
    include_once './includes/unicode.entities.inc';

  // Flip the exclude list so that we can do quick lookups later.
  $exclude = array_flip($exclude);

  // Use a regexp to select all entities in one pass, to avoid decoding
  // double-escaped entities twice. The PREG_REPLACE_EVAL modifier 'e' is
  // being used to allow for a callback (see
  // http://php.net/manual/en/reference.pcre.pattern.modifiers).
  return preg_replace('/&(#x?)?([A-Za-z0-9]+);/e', '_decode_entities("$1", "$2", "$0", $html_entities, $exclude)', $text);