I've been reading on php.net about the strip_tags function, and it seems that many
people have been writing their own function. Is this because a malicious user could
put something like <b onmouseover="for(i=0;i<100;i++)
window.open('www.somesite.com');">Long message...</b> or would strip_tags prevent this?
What do you think of strip_tags() vs writing your own function?
