Let's pretend I take Userdata, and save it in a file or database (like a forum or shoubox).
How could I secure the script so that users can enter stuff like "<script>*</script>" and stuff, so that the browser displays it and does not run the script. I always used to use strip_tags to secure my scripts, but it removes the code and does not convert it in something that the browser displays.
Same with "<?php ?>" and similar (binary safe). I guess there needs something to be like an encoding?