alert('Hello World!')"; echo "Bad string: " . $string . "\n"; echo "Sanitized with strip_tags(): " . strip_tags($string) . "\n"; echo "Sanitized with RegEx: " . preg_replace('/<(.*)?>(.*)?(<(.*)?>)?/s', '', $string);