PHP fans don't do themselves any favors by dismissing the criticisms in this sort of non-substantive way. The "fractal of bad design" paper has a lot of good criticisms, and the standard library is still a horror show of poor API design, in my opinion.
The first embarrassment I could think of off the top of my head is still there, for example:
Completely ignoring the fact that that function is a misnomer because it encodes XML special chars, not HTML, the "double_encode" parameter is pants-on-head ridiculous and basically a concession to people who can't be bothered to keep track of whether their string is already escaped or not and want to be able to pass it through this function again "just in case."
This is a bug waiting to happen (or more like a bug that's already happened all over the web), and the type of stuff that makes seasoned programmers who appreciate a well-designed ecosystem dismiss the entire thing as amateur hour.
The first embarrassment I could think of off the top of my head is still there, for example:
https://www.php.net/manual/en/function.htmlspecialchars.php
Completely ignoring the fact that that function is a misnomer because it encodes XML special chars, not HTML, the "double_encode" parameter is pants-on-head ridiculous and basically a concession to people who can't be bothered to keep track of whether their string is already escaped or not and want to be able to pass it through this function again "just in case."
This is a bug waiting to happen (or more like a bug that's already happened all over the web), and the type of stuff that makes seasoned programmers who appreciate a well-designed ecosystem dismiss the entire thing as amateur hour.