Whereas with htmlentities(), $string is the string to be translated, $quote_style is a flag used to determine how quotes will be handled (refer back to for a table of possible values), and $char_set represents the character set to use in the conversion.
Serialization
Although not as widely used in forms (more in databases), serialization of variables in PHP can prove extremely useful. What exactly is serialization? Basically, it is a process whereby a complex data structure such as an array or an object (which cannot be transmitted in a form or to a database directly) is converted into a string by some reversible method. Although you could create your own function to serialize a complex data structure, serialization of any PHP variable can be accomplished through the serialize() function. The syntax for this function is as follows:
serialize($input)
$input is the complex data structure to serialize. When executed, the serialize() function returns the string representation of the input data, which looks something like the following (for the defined array):
Note that this string is by no means ready to be transmitted over HTTP (that is, as a hidden form element) or stored in a database. In both cases, the serialization string contains characters that are considered invalid. To overcome this, a number of different methods are available to the developer. If the data is to be stored in a database, often simply using the addslashes() function (or the custom my_addslashes() function discussed earlier) will do the trick. However, when you're dealing with HTTP, the urlencode() function (also discussed earlier) should be used.
After it is serialized and encoded (if necessary), this string can be sent to a database, placed in a hidden element in an HTML form, or even written to a file for future use. To reconstruct the variable from its serialized representation, PHP offers the unserialize() function, which has a similar syntax to its counterpart:
unserialize($input_string [, $callback_function])
$input_string represents the serialization string for the variable to reconstruct, and $callback_function is the name of an optional callback function to use if unserialize() reconstructs an object that has not been defined (see , "," for more information on the dynamic loading of class definitions). Upon success, the unserialize() function will return the reconstructed variable based on the provided data; it will return false if PHP was unable to reconstruct the serialized data.
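Added example (not from the original text): a serialized string placed in a hidden form element comes back under the client's control, and unserialize() will rebuild whatever it is given, objects included. The sketch below signs the serialized array with an HMAC before encoding it and, on return, verifies the signature and disables object reconstruction before trusting the data. It assumes PHP 7.1 or later; $key, pack_field() and unpack_field() are hypothetical names, and the cart data is constructed.

```php
<?php
// Added example, not from the original text. Assumes PHP 7.1+.
// $key, pack_field() and unpack_field() are hypothetical names.

function pack_field(array $data, string $key): string
{
    $payload = serialize($data);                  // e.g. a:2:{s:3:"sku";...}
    $mac = hash_hmac('sha256', $payload, $key);   // 64 hex chars, never contains '|'
    return urlencode($mac . '|' . $payload);      // encoded as the text recommends for HTTP
}

function unpack_field(string $field, string $key): ?array
{
    $parts = explode('|', urldecode($field), 2);
    if (count($parts) !== 2) {
        return null;                              // malformed field
    }
    [$mac, $payload] = $parts;
    // Verify before unserialize() ever sees the bytes; hash_equals() is constant-time.
    if (!hash_equals(hash_hmac('sha256', $payload, $key), $mac)) {
        return null;                              // modified or forged
    }
    // allowed_classes => false: any serialized object becomes __PHP_Incomplete_Class
    $value = unserialize($payload, ['allowed_classes' => false]);
    return is_array($value) ? $value : null;      // also covers the false-on-failure case
}

// Constructed sample data for the demonstration.
$key  = random_bytes(32);                         // in practice a stored server-side secret
$cart = ['sku' => 'A-100', 'qty' => 2];

$field = pack_field($cart, $key);
echo '<input type="hidden" name="cart" value="' . htmlspecialchars($field) . '">', "\n";

var_dump(unpack_field($field, $key) === $cart);   // unchanged field round-trips

// Simulate a client editing the quantity inside the serialized string.
$edited = urlencode(str_replace('i:2;', 'i:9;', urldecode($field)));
var_dump(unpack_field($edited, $key));            // rejected before unserialize() runs
```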