类似论坛的回复的字符串的处理

求助类似论坛的回复的字符串的处理
比如回复<script>alert('hello')</script>,还是显示这个而不执行脚本，求具体的处理办法或者函数

[解决办法]
将 < > 这些符号 转为实体

http://www.w3school.com.cn/html/html_entities.asp
[解决办法]
使用replace 字符串替换函数
http://qingxinxz.tk/newindex/content.asp?id=31
例如：
<%
function transfer(x)
x=replace(x,chr(13),"")
x=replace(x,chr(10)&chr(10),"<br ><br>")
x=replace(x,chr(10),"<br>")
x=replace(x,"<%" ,"&lt;%")
x=replace(x,"<","&lt;")

transfer=x
end function

%>
[解决办法]

VBScript code

Function switchHtml(Strings, Mark)    If Mark = 1 Then '//标签 转换成 HTML符号        Strings = Replace(Strings, "<", "&lt;")        Strings = Replace(Strings, ">", "&gt;")        Strings = Replace(Strings, Chr(39), "&curren;")        Strings = Replace(Strings, "'", "&curren;")        Strings = Replace(Strings, "&acute;", "&curren;")        Strings = Replace(Strings, Chr(34), "&quot;")        switchHtml = Strings    ElseIf Mark = 2 Then '//HTML符号 转换成 标签        Strings = Replace(Strings, "&lt;", "<")        Strings = Replace(Strings, "&gt;", ">")        Strings = Replace(Strings, "&curren;", "'")        Strings = Replace(Strings, "&quot;", Chr(34))        switchHtml = Strings        End IfEnd Function