There is no need for double encode, but single quotes should be encoded.

[SoonDead]

htmlentities() encodes everything htmlspecialchars() does, but more.

The double encode would make all signs that are special html chars > < " & unreadable, but does not provide anything securitywise.

[shakesoda]

I really should write up smoke tests for this thing.