I already know how XSS works, but finding out all the many different ways to inject malicious input is not an option.
I saw a couple libraries out there, but most of
In addition to zerkms's answer, if you find you need to accept user-submitted HTML (from a WYSIWYG editor, for example), you will need to use an HTML parser to determine what can and can't be submitted.
I use and recommend HTML Purifier.
Note: Don't even try to use regex :)
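An added example, not part of the answer above: one way to configure HTML Purifier as an allowlist for WYSIWYG submissions. It assumes the library was installed with Composer (package `ezyang/htmlpurifier`); the function name `buildPurifier`, the chosen tag list and the sample input are illustrative.

```php
<?php
// Added example: assumes HTML Purifier was installed with Composer
// (package ezyang/htmlpurifier) so that vendor/autoload.php exists.
require_once __DIR__ . '/vendor/autoload.php';

// Hypothetical helper: builds a purifier with an explicit allowlist.
function buildPurifier(): HTMLPurifier
{
    $config = HTMLPurifier_Config::createDefault();

    // Allowlist: only these elements and attributes survive. Anything
    // not listed (script, style, event-handler attributes, ...) is dropped.
    $config->set('HTML.Allowed', 'p,br,strong,em,ul,ol,li,blockquote,a[href|title]');

    // Restrict link targets to the URI schemes the application expects.
    $config->set('URI.AllowedSchemes', ['http' => true, 'https' => true, 'mailto' => true]);

    // HTML Purifier caches its serialized definitions; the directory
    // must be writable by the PHP process.
    $config->set('Cache.SerializerPath', sys_get_temp_dir());

    return new HTMLPurifier($config);
}

// Constructed sample input, standing in for a WYSIWYG editor submission.
$submitted = <<<'HTML'
<p onclick="track()">Hello <strong>world</strong></p>
<script>document.title = "x"</script>
<a href="javascript:void(0)" title="home">home</a>
<a href="https://example.com/">example</a>
HTML;

$purifier = buildPurifier();
$clean = $purifier->purify($submitted);

// Store or render $clean, never the raw submission.
echo $clean, PHP_EOL;
```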