How to safely output HTML from a PHP program?

You always want to HTML-encode things inside HTML attributes, which you can do with htmlspecialchars: <span title=”<?php echo htmlspecialchars($variable); ?>”> You probably want to set the second parameter ($quote_style) to ENT_QUOTES. The only potential risk is that $variable may already be encoded, so you may want to set the last parameter ($double_encode) to false.

How to match a single quote in sed

You can either use: “texta’textb” (APOSTROPHE inside QUOTATION MARKs) or ‘texta’\”textb’ (APOSTROPHE text APOSTROPHE, then REVERSE SOLIDUS, APOSTROPHE, then APOSTROPHE more text APOSTROPHE) I used unicode character names. REVERSE SOLIDUS is more commonly known as backslash. In the latter case, you close your apostrophe, then shell-quote your apostrophe with a backslash, then open another apostrophe … Read more