Good day!

I want to know if how can I add the code for htmlentities in my code.


$tpl->set_block('handle', 'block_list', 'tag_list');
foreach($rows as $row) {
$tpl->set_var(array('emp_id'=> $row['Emp_ID'],
'lastname' => $row['Last_Name'],
'firstname' => $row['First_Name'],
'birthday' => date('d-m-Y', strtotime($row['Birthday'])),
'sorting' => $sort,
'id' => $row['Emp_ID']
));

$tpl->parse('tag_list', 'block_list', true);
}

$tpl->parse('handle', array('handle'));
$tpl->p('handle');


Thank you

Well the only things that should be vulnerable to html tags would be the first name and last name, everything else typically wouldn't be able to be set by the user.


'lastname' => htmlentities($row['Last_Name']),
'firstname' => htmlentities($row['First_Name']),