XSS attack - regex or htmlspecialchars?

PDO does a very effective job of protecting your queries from XSS attacks. No need to worry about whether or not you remembered to protect your queries, because it is automatic. Several other frameworks support this feature as well.

Htmlspecialchars() or htmlentities() are recommended as protection from XSS attacks over a hand-crafted regex. But, you must take into account context. For example, htmlspecialchars() will protect dynamic content inside a tag but not inside a tag or an event handler such as onclick.

Within html comments, no protection is offered by encoding. The key to writing code that is not vulnerable to XSS attacks is understanding all the different attack vectors.
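The context dependence described above, as an added example that is not part of the original answer: the same untrusted value is written into element content, an `onclick` handler and a `<script>` block, with the encoder each context needs. The helper names `html_escape` and `js_literal`, the page function `greet` and the sample input are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample input standing in for untrusted request data.
$input = "x'); alert(1); //";

// Encoder for HTML element content and quoted attribute values.
function html_escape(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Encoder for a JavaScript string literal: emits a quoted string in which
// <, >, &, ' and " are written as \uXXXX, so the value cannot close the
// literal or the surrounding <script> element.
function js_literal(string $s): string
{
    return json_encode(
        $s,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR
    );
}

// 1. Element content: htmlspecialchars() is the right encoder here.
echo '<p>' . html_escape($input) . "</p>\n";

// 2. Event handler with HTML encoding only (the weak form).
$weak = html_escape($input);
echo "<a onclick=\"greet('" . $weak . "')\">weak</a>\n";

// The browser HTML-decodes an attribute value before the JavaScript engine
// parses it. Simulating that step shows the quote is restored, so the
// string literal passed to greet() ends early.
$seen_by_js = html_entity_decode($weak, ENT_QUOTES, 'UTF-8');
var_dump($seen_by_js === $input);

// 3. Event handler, encoded for JavaScript first and for the attribute second.
echo '<a onclick="greet(' . html_escape(js_literal($input)) . ')">ok</a>' . "\n";

// 4. <script> block: JavaScript encoding only, because HTML entities are
//    not decoded inside <script>.
echo '<script>greet(' . js_literal($input) . ");</script>\n";
```

The encoders are applied in the reverse of the order in which the browser decodes: the attribute layer is decoded first, so it is encoded last.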

I can't really give you an answer, but what I can give you is a way to a solution: you have to find the angle that you relate to or that piques your interest. A good paper is one that people get drawn into because it reaches them in some way. As for me, when it comes to WWII, I think of the Holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.
