php clear_xss2

function clear_xss2($val, $extratags=array()) {
      // version 2 of clear xss2 which allows to keep all valid html tags but removing dangerous html tags
      $doc = new DOMDocument();

      // load the HTML string we want to strip
      libxml_use_internal_errors(true);
      $doc->loadHTML($val);

      // remove comments
      $xpath = new DOMXPath($doc);
      foreach ($xpath->query('//comment()') as $comment) {
         $comment->parentNode->removeChild($comment);
      }

      $forbiddenTags = array('script','applet', 'iframe', 'frameset', 'frame','object','embed');
      if(!empty($extratags))
         $forbiddenTags = array_merge($forbiddenTags, $extratags);

      foreach($forbiddenTags as $tag) {
         while (($r = $doc->getElementsByTagName($tag)) && $r->length) {
            $r->item(0)->parentNode->removeChild($r->item(0));
         }
      }

      // we need to remove js on events on any tags
      $nodes = $doc->getElementsByTagName('*');
      for($c = 0; $c<$nodes->length; $c++){
         $node = $nodes->item($c);
         foreach($node->attributes as $k => $v){
            if( substr($k, 0, 2)=='on' ){
               $node->removeAttribute($k);
            }
         }
      }

      libxml_clear_errors();
      return $doc->saveHTML();
   }