When preventing XSS attacks, it is generally recommended to use the htmlspecialchars function, because although strip_tags can delete HTML tags, it will not delete " or '. Therefore, even if you use strip_tags, you still need to use the htmlspecialchars function to filter out " or '
In form submission or user message board, if you want the original data output to be sent to the browser, please use the htmlspecialchars function instead of the strip_tags function.
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
When preventing XSS attacks, it is generally recommended to use the htmlspecialchars function, because although strip_tags can delete HTML tags, it will not delete " or '. Therefore, even if you use strip_tags, you still need to use the htmlspecialchars function to filter out " or '
In form submission or user message board, if you want the original data output to be sent to the browser, please use the htmlspecialchars function instead of the strip_tags function.
Basically, it is called when the inventory is in stock, which is the key to entry.