PHP Web Application Security Vulnerabilities

Before displaying it, modify user input to defang scripts.

You can remove all HTML and PHP tags

<?php 
    $bad = "<?php header(); ?><blink>Ugh!</blink><?php footer(); ?>";
$ok = strip_tags($bad);
print $ok;
?>

Output

Ugh!