htmlentities to escape data in php

Hello, i tried to escape outputed database plain string using htmlenties as below

echo "<font size=4 color=green><option value=$row3[cat_id]>$row3[name]</option></font>";


I tried it this way but is not working

echo "<font size=4 color=green><option value=htmlentities($row3[cat_id], ENT_QUOTES,"UTF-8") >htmlentities($row3[name], ENT_QUOTES, "UTF-8") </option></font>";


below is entire code


<?php require('./data6rst.php'); $result = $db->prepare(' select name,count(newscontent.cat_id) as no, newscontent.cat_id from newscontent,content_cat where newscontent.cat_id=content_cat.cat_id group by newscontent.cat_id order by name DESC limit 100 '); $result->execute(array()); echo "<table width='10%' border='0' cellspacing='1' cellpadding='0'>"; $i=0; $j=3;// number of columns in the table while ($nt = $result->fetch()) { $i=$i+1; echo "<td><a href=newscat.php?cat_id=$nt[cat_id]>$nt[name]</a>($nt[no])</td>"; if($i >= 3 ){$i=0; // start a new rows echo "</tr><tr>";} } echo "</table>"; echo "<hr>"; ?>
please can someone help me to fix this htmlentities issues and check also if this code is sql vulnerable since the query is passed directly to database