Code: Select all
$value = htmlspecialchars($value);
This way ANY html-contents in $value will be converted in a way that the browser will treat is as normal text.
if a user enters "<a href=www.somelink.com>link!</a>" in his post it will apear EXACTLY like that! (no link is created).
For more details see the manual.
If you still want to give users capability's to adjust there text (bold, italic, whatever) just like is possible on this forum you could use [b ] and [/b ] (for example). You will have to change that you'reself though, but then you got full control on what is possible or not.