- filter_var: documentation ( source)
<?php
$foo = '<script></script>';
/*** sanitize the input ***/
$first_name = filter_var($foo, FILTER_SANITIZE_STRING);
/*** assign the input ***/
$message = 'Thank you ' . $first_name;