Htmlspecialchars for email content

hi all

I have this below code for textarea in which person enters his enquiry

$body="Hi \
<br><br>".htmlspecialchars($name). " had sent you enquiry . ".  " \
Person Enquiry = ". htmlspecialchars($enquiry) . " \
<br><br> ";

after person enters enquiry the email is sent with the enquiry entered.

i receive enquiry content as

yo man\\r\
testing new site\\r\
stay tuned\\r\

how can i use htmlspecialchars in the way it doesnt echoes \r


htmlspecialchars() is for escaping HTML output.

If your email is displaying that text as part of an HTML email then those characters will not be visible.

if you are providing that as a plain text email then you need to get rid of the htmlspecialchars() call so as to not convert it from plain text.

felgall is right, but perhaps you were wanting to use (to remove html tags) instead of htmlspecialchars() but that isn’t necessary in a mail() function, at least I don’t think there’s a security breach possible. Removing html tags is mostly when you want to output user input (not safe) on your webpage.