diff --git a/reference/errorfunc/functions/set-error-handler.xml b/reference/errorfunc/functions/set-error-handler.xml
index abdd575118..ffe81f9cf0 100644
--- a/reference/errorfunc/functions/set-error-handler.xml
+++ b/reference/errorfunc/functions/set-error-handler.xml
@@ -230,6 +230,9 @@ function myErrorHandler($errno, $errstr, $errfile, $errline)
return false;
}
+ // $errstr may need to be escaped:
+ $errstr = htmlspecialchars($errstr);
+
switch ($errno) {
case E_USER_ERROR:
echo "My ERROR [$errno] $errstr
\n";
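Review bot: The added `htmlspecialchars($errstr)` call relies on the default flags, which escape single quotes only from PHP 8.1 onward, and the comment above it does not say why escaping is needed. Because readers copy this reference example, consider `$errstr = htmlspecialchars($errstr, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');` with a comment such as `// $errstr can carry caller- or user-supplied text; escape it because this handler echoes it into HTML`. Escaping once at the top is only appropriate while every branch writes HTML; the other handler arguments (`$errfile`, `$errline`) are not escaped here, and whether they are echoed is not visible in this hunk. myErrorHandler's body starts before the hunk and continues past it.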
@@ -237,7 +240,6 @@ function myErrorHandler($errno, $errstr, $errfile, $errline)
echo ", PHP " . PHP_VERSION . " (" . PHP_OS . ")
\n";
echo "Aborting...
\n";
exit(1);
- break;
case E_USER_WARNING:
echo "My WARNING [$errno] $errstr
\n";