I'm looking for a php input sanitizer, and I discovered HTML Purifier today. But I also discovered the filter_var PHP 5.2 function. Tutorial here : http://nettuts.com/tutorials/php/sanitize-and-validate-data-with-php-filters/

My question is : Is there a difference between HTML Purifier and filter_var ? Which one is better ? Which one should I use ? Because I don't see the point of using an external library if php5 already propose a sanitizer...

I'm kind of lost, I don't know what to choose between HTML Purifier and filter_var. Help would be appreciated.


Re: HTML Purifier vs PHP built-in function filter_var
January 24, 2009 05:21PM

filter_var() does filtering for simple datatypes, but not for HTML. So they do different jobs.

Sorry, you do not have permission to post/reply in this forum.