- filter_var: documentation ( source)
- str_replace: documentation ( source)
- json_encode: documentation ( source)
<?php
// wg twojego skryptu leci zwykly tekst
$test = "hello <script type=\"text/javascript\"> alert('xds'); </script> \\//\\\\\\ //// ";
// kasujemy / \
$removed = str_replace( ['/', '\\'], ['',''], $test );
// jak to wyglada:
echo "1.". $test . PHP_EOL;
echo "2.". $removed . PHP_EOL;
// filtrujemy
$cleared = filter_var($removed,FILTER_SANITIZE_STRING);
// rezultat
echo "3.". $cleared. PHP_EOL;
echo json_encode($cleared). PHP_EOL;