In PHP if you want to avoid double-encoding you simply pass false to the htmlentities() function like so:
PHP
$strOrig = "&";
$strEnc = htmlentities($strOrig, ENT_XML1, "UTF-8", false);
This will output & instead of & i.e. the string is not double encoded.
To achieve the same result with Java and Apache Commons Lang StringEscapeUtils all you have to do is:
Java
String strOrig = "&";
String strTemp = StringEscapeUtils.unescapeXml(strOrig);
String strEnc = StringEscapeUtils.escapeXml(strTemp);
That's simple after you see it! Just unescape the string first, then escape it. That will take care of any already encoded entities and will avoid double encoding.
-i
