htmlspecialchars() only handles five predefined characters: <, >, single quote ('), double quote (") and ampersand (&). It converts these characters into HTML entities.
- < (less than) is converted into &lt;
- > (greater than) is converted into &gt;
- ' (single quote) is converted into &#039;
- " (double quote) is converted into &quot;
- & (ampersand) is converted into &amp;
htmlentities() translates every character that has an HTML entity equivalent, not just the five above.
Both functions are used to encode user input on a website so that users cannot insert harmful HTML code into a site.
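The difference between the two functions, and the effect of the quote flag, shown as an added example that is not part of the original page. The helper name escape_html() and all input strings are assumptions made for illustration. Flags are passed explicitly because the default changed in PHP 8.1 from ENT_COMPAT to ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401.

```php
<?php
// Added example; all input strings below are constructed.

// Escape for HTML text and quoted attribute values with explicit flags and
// charset, so behaviour does not depend on the PHP version's defaults.
// escape_html() is a hypothetical helper name, not a PHP built-in.
function escape_html(string $s): string
{
    // ENT_QUOTES: encode both ' and ".
    // ENT_SUBSTITUTE: replace invalid UTF-8 with U+FFFD instead of
    // returning an empty string.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401, 'UTF-8');
}

$comment = "<b>Café & \"crème\"</b> © it's";

// htmlspecialchars(): only < > ' " & are rewritten; é, è and © pass through.
echo escape_html($comment), "\n";

// htmlentities(): the same five, plus every character that has a named
// entity (é, è and © in this string).
echo htmlentities($comment, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401, 'UTF-8'), "\n";

// ENT_COMPAT skips the single quote. Inside a single-quoted attribute the
// surviving ' ends the attribute value early.
$name = "O'Reilly";
$weak = htmlspecialchars($name, ENT_COMPAT, 'UTF-8');
$safe = escape_html($name);

echo "<input value='$weak'>\n"; // value is cut at the unencoded quote
echo "<input value='$safe'>\n"; // quote is encoded, value stays intact

// Both functions encode for the HTML context only; they are not the right
// encoder for output placed inside JavaScript, URLs or CSS.
```

With a UTF-8 page, htmlspecialchars() is normally enough, since the extra characters htmlentities() rewrites have no special meaning to the HTML parser.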