htmlspecialchars
convert reserved characters to html entities
[...] = optional ... = your value
[var $... = ]call htmlspecialchars $val=…[;$flags=…][;$encoding=…][;$double_encoding=…]
Notes
$flags=ENT_QUOTES (single quotes are also converted)
$encoding =... charset encoding
for other options for flags and encoding settings see
htmlspecialchars on php.net
$double_encode=0 do not re encode existing html entities (default is to encode everything)
Example code
<!--parser:xtscript-->
var $input = <span style='color:red'>"foobar"</span>
var $flags=ENT_QUOTES
var $double_encode=0
var $output = call htmlspecialchars $val=$input;$flags=$flags ;$double_encode=$double_encode
print input = $input<br />
print output = $output<br />
var $output=call htmlspecialchars $val=$output
print actual output = $output
<!--/parser:xtscript-->
Show in textareaExample output
Reloadinput =
"foobar"output = <span style='color:red'>"foobar"</span>
actual output = <span style='color:red'>"foobar"</span>