- htmlspecialchars: documentation ( source)
<?php
$question="<script>alert('hacked')</script>";
$question = make_secure( $question );
echo "<br>converted question=",$question;
function make_secure($data) {
$data = htmlspecialchars($data); return $data; }