When a user uploads a photo for their profile, I allow them to add an optional Photo Label like this...
Sam's Spiral GIF
To prevent against XSS attacks, I wrapped the Photo Label with htmlentities like this...
title='" . htmlentities($photoLabel) . "' />
The problem is that when I hover over the user's photo, I see this...
Sam & #039 ; s Spiral GIF
(I added spaces above because it keeps getting converted by SitePoint?!)
How can I use htmlentities() and get my output to look proper?