Friday, 15 February 2013

javascript - How to prevent tags and scripts from executing in HTML?




This question has a reply here:

How to prevent XSS with HTML/PHP? 7 answers

I am using prepared statements with mysqli. It takes the input text and submits the text, preventing SQL injections.

The problem arises when I read the text from the database. The text that is read executes in the browser!

For instance, if I write this input:

<b>hello</b> how r u?<br> <script> alert('he fine dnt wry!') </script>

This goes into the database as is. When I read it from the database using a select query and display it, instead of being displayed, the <b> tags and <script> tags are executed!

How can I prevent this from happening?

echo htmlentities("<b>hello</b> how r u?<br> <script> alert('he fine dnt wry!') </script>");
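The same idea applied to rows read back from the database, as an added example that is not part of the original post: the text is stored raw and encoded at output time, once per output location. The helper name `e()`, the `$rows` array (constructed sample data standing in for the SELECT result) and the markup are assumptions; `htmlspecialchars()` is used in place of `htmlentities()` because it encodes the same HTML special characters and leaves other characters untouched.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not from the original post): encode a value for
// HTML element text or a quoted attribute value.
function e(string $value): string
{
    // ENT_QUOTES encodes both ' and " so the value cannot close an attribute.
    // ENT_SUBSTITUTE replaces invalid UTF-8 sequences instead of making the
    // function return an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample rows standing in for the result of the SELECT query.
$rows = [
    [
        'author' => 'alice',
        'body'   => "<b>hello</b> how r u?<br> <script> alert('he fine dnt wry!') </script>",
    ],
    [
        'author' => 'bob "b" o\'brien',
        'body'   => 'plain text & an ampersand',
    ],
];

// The charset declared to the browser must match the one passed to
// htmlspecialchars() above.
header('Content-Type: text/html; charset=UTF-8');

foreach ($rows as $row) {
    // Encode every database value at the point where it enters the page.
    printf(
        "<div class=\"comment\" title=\"%s\">%s</div>\n",
        e($row['author']),   // attribute context: value must sit inside quotes
        e($row['body'])      // element text context
    );
}
```

This encoding covers HTML element text and quoted attribute values only. A value placed inside a `<script>` block, a URL or a style rule needs the encoding for that context instead.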

javascript php jquery mysql mysqli
