I guess you want to prevet XSS attacks, you shouldn't merely worry about script
tags, someone might exploit it like this: test
[this is a very basic way though].
If you only want the script
tag, with no attributes, to be filtered:
str_replace[array['', ''], array['', ''], $str];
You should improve this using Regex; using preg_match'es and preg_replaces [or only preg_replaces] you can match and/or replace the script tag with its attributes. Or even have more protection against XSS.
Edit: or even a regex like /[.+]/
then store what between the brackets into a variable then print it.
John Mwaniki / 05 Dec 2021
How to remove HTML tags from a PHP string.
We use the in-built PHP strip_tags[]
function to remove HTML, XML, and PHP tags from a PHP string.
Example