xss drupal

The XSS functions family

Submitted by piofernandes on Mon, 07/29/2019 - 13:49
function filter_xss($string, $allowed_tags);
 * This code does four things:
 * - Removes characters and constructs that can trick browsers.
 * - Makes sure all HTML entities are well-formed.
 * - Makes sure all HTML tags and attributes are well-formed.
 * - Makes sure no HTML tags contain URLs with a disallowed protocol (e.g.
 *   javascript:).

 * @return
 *   An XSS safe version of $string, or an empty string if $string is not
 *   valid UTF-8.
function filter_xss_admin($string);
 * Applies a very permissive XSS/HTML filter for admin-only use.
filter_xss_admin is a ju
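An added example, not from the original post and not Drupal's own code: a simplified standalone PHP sketch of the fourth step listed above, stripping a disallowed URL protocol from an attribute value. The function name `example_strip_bad_protocol`, the allowlist and the sample inputs are assumptions constructed for illustration.

```php
<?php
// Added illustration, not Drupal's implementation. The function name, the
// allowlist and the sample inputs are assumptions made for this sketch.
const EXAMPLE_ALLOWED_PROTOCOLS = ['http', 'https', 'ftp', 'mailto'];

function example_strip_bad_protocol(string $value): string {
  // Decode entities first, so an encoded colon ("&#58;") cannot hide a scheme.
  $uri = html_entity_decode($value, ENT_QUOTES, 'UTF-8');
  // Loop until stable: removing one scheme may expose another behind it.
  do {
    $before = $uri;
    $colon = strpos($uri, ':');
    if ($colon === false || $colon === 0) {
      break;
    }
    $scheme = substr($uri, 0, $colon);
    // "/", "?" or "#" before the colon: the colon belongs to a path, query
    // or fragment, so this is a relative URL and carries no scheme.
    if (preg_match('![/?#]!', $scheme)) {
      break;
    }
    // Scheme comparison is case-insensitive.
    if (!in_array(strtolower($scheme), EXAMPLE_ALLOWED_PROTOCOLS, true)) {
      $uri = substr($uri, $colon + 1);
    }
  } while ($before !== $uri);
  // Re-encode so the value is safe inside a quoted HTML attribute.
  return htmlspecialchars($uri, ENT_QUOTES, 'UTF-8');
}

// Constructed sample attribute values.
$samples = [
  'https://example.com/page',
  'javascript:alert(1)',
  'JavaScript:alert(1)',
  'javascript&#58;alert(1)',
  '/node/1?destination=a:b',
];
foreach ($samples as $sample) {
  printf("%-28s => %s\n", $sample, example_strip_bad_protocol($sample));
}
```

Only the scheme prefix is dropped; the remainder is left in place and the browser resolves it as a relative URL.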