How do I strip custom tags from text in a submitted html form using PHP/Perl?

I have a news submission form. I want it to be secure from XSS and the like by stripping all html tags. Then I will convert all other tags with this format

[tagname attributes][/closetagname]

To this

<tagname attributes></closetagname>

. The question is how do I do the conversion of the tags to this format.

Solution

You will not be secure from XSS just by "stripping all html tags" and "convert all other tags". Fighting XSS only works by whitelisting some known tags (and whitelist some known attributes) while blacklisting will always fail. Here is a more complete explanation.

A good solution to clean HTML code in PHP is to use HTML Purifier.

Sendgrid can't receive emails in application
How do I populate a dropdown options from an ajax response
How to output geoJSON file from mysql spatial table?
Array value sum by key value php
Sum the values of a column in a 2d array
Group values in an array of single-element arrays by second level key and sum values within each group
SQL - How to SUM and use WHERE clause on this SUM using 4 tables?
Merge a flat associative array into another associative array
How to Migrate and seed before the full test suite in Laravel with in memory database?
How to get/read the cleanest url into Meta Canonical via PHP?
Generated image with text always off-center
Composer Curl error 60: SSL certificate problem: unable to get local issuer certificate
Ignore html tags in preg_replace
Rector how to work with IntersectionType?
How to merge two associative multidimensional arrays
Merge two multidimensional arrays related by shared subarray column values
Replace an array's values with the values from a lookup array
Print grouped data as a single array
Merge and sum data from two associative multidimensional arrays
How to access a global variable from within a class constructor
Why does !func() <= 30 always evaluate as true?
Excessively long text breaks preg_replace()
PHP isset() with multiple parameters
Can strings have a dangling concatenation operator?
How to check if there are multiple versions of PHP installed on Ubuntu 12.04 LTS?
php convert datetime to UTC
Regex used in preg_match() is not finding the expected URLs
PHP script runs fine locally but in production gives Error 324
Wordpress TinyMCE plugin install failed
Receiving data from word press