Can I make php automatically escape HTML chars when using ?

I am using unescaped data for example some string " <>> ' blah.

This causes trouble when I do this:

<input value="<?= $my_string ?>">

<input value="<?= $my_string ?>">

​

Which results in:

<input value="some string " <>> ' blah">

<input value="some string " <>> ' blah">

​

Is there a way to tell php to call htmlspecialchars on everything before printing it to the html document using <?= ?> so I don’t have to call it manually every time?

Answer

No, this is not possible. But you could make a shortcut method that. For example like this:

function h($string){
     return htmlspecialchars($string);
}

function h($string){

     return htmlspecialchars($string);

}

​