htmlspecialchars() vs htmlpurifier library

What are the differences between the built-in php method htmlspecialchars() and htmlpurifier library?

Solution

If you just want to stop any HTML from being used, use htmlspecialchars or htmlentities.

HTML Purifier is intended to let you allow some HTML, with quite a few options - for example, you can allow video embeds only from YouTube, or allow only certain CSS classes on certain HTML tags. Handy if you're building a CMS or something where you want to allow people to use HTML but not permit malicious use.

It can also make HTML fixes, like adding default alt tags to images, cleanup of invalid or unnecessary code, etc.

Peruse the available configuration options for an idea of what's possible.

PHP arrays, how to access keys and values
Error 500 - Premature end of script headers in Laravel
I want to hide json file from public access. How do I do that?
I got this error "Use of a direct database call is discouraged"
PHP replace string with values from array
How to Validate Bitbucket Webhook Signature Using Secret Key?
Passing docker-compose .env file values into the container
Declaring Variable Types in PHP?
How can I detect a malformed UTF-8 string in PHP?
PHP: mb_convert_encoding() to UTF-16LE doesn't work
Use WC Kalkulator product field values to update WooCommerce cart item product properties
What is the difference between strcmp() and Spaceship Operator (<=>)
Validate UUID with Laravel Validation
Artisan Call output in Controller?
PHP Fatal error: Uncaught RuntimeException: Unable to create the Doctrine Proxy directory on SuiteCRM clean installation
Xdebug not writing to file
SUBMIT button value sent only when clicked
Use integer for relation
PHP switch case to update array not affecting array
Remove more than 1 blank line between paragraphs with only 1 blank line AND remove excess white spaces
WooCommerce Orders and Items Array with JQuery DataTables
Download file or Open if file type is PDF
How to change default timeout of Http Client in Laravel
PHP Symfony parse JSON response deserialize class constructor
Initializing a huge array (50000 entries)
Adding Tanstack react-query to laravel 11 reactjs inertia project
Calling Python in PHP
How using phpword delete personal data left in word template when generate file?
How to filter the output of the data received from the database based on the meta relation?
Laravel 7 Eloquent relationships not working