function convertspecialchars($data)
{
if (gettype($data) == 'array')
return array_map("convertspecialchars", $data);
else
return htmlspecialchars($data, ENT_NOQUOTES);
}

$allParams = $this->getAllParams();
$allParamsValidated = array_map("convertspecialchars", $allParams);

FYI: ENT_NOQUOTES will leave both double and single quotes unconverted.