Instead of putting yourself to replace all the UTF-8 characters with all the edge cases you can get, you better encode the string when you send it, and decode when you receive it:
var valor_codificado=encodeURIComponent(valor);
// Esto convierte "ÑAÑEZ" a "%C3%91A%C3%91EZ"
And on the server side
$apellido = urldecode($_POST['apellido']);
echo $apellido;
Edit: Where does the problem come from?
It depends on how you are sending the information to the backend (for example using a form with enctype='application/x-www-form-urlencoded' which is the enctype by default), it could be receiving a string of the type
nombre=juan&apellido=perez&telefono=5552419
Which is parsed as
nombre = 'juan'
apellido = 'perez'
telefono = '5552419'
If one of the parameters starts with ampersand & what the backend receives is
nombre=juan&apellido=ÑAÑEZ&telefono=5552419
What the backend pauses is
nombre = 'juan'
apellido = ''
NtildeA = ''
NtildeEZ= ''
telefono = 5552419
This behavior would be different if your form had the attribute enctype='multipart/form-data'
In the same way, if you are making the request by ajax, the attribute contentType of the request can cause the information to pass either to the superglobal $_POST or pass as a payload in the body of the request, in which case you would have to capture it using something like file_get_contents("php://input") or some convenience method offered by the framework in use.
Edit 2
It is worth mentioning that the htmlentity of the Ñ is Ñ finished in a semicolon.