function find_cross_site_tags($text){
$cross_site_scripting_tags = array("<",">","IMG", "SRC", "javascript","SCRIPT",")","(","{","}","iframe","BODY","INPUT","BGSOUND","BR","LAYER","LINK","META","<A",
"HREF","</A>","!--","&","</SCRIPT>","ONLOAD","FRAMESET","TABLE","TD","TR","DIV","STYLE","BASE","OBJECT","EMBED","XML","SELECT",
"DELETE","UPDATE","INSERT",";",":",",","'");
$can_be_attack = 0;
foreach( $cross_site_scripting_tags as $word){
//echo "<br> we are going for $word <br>";
if(preg_match("/$word/i", $text)){
//echo $word;
if(!tep_validate_email($text)){
//exit;
$can_be_attack=1;
break;
}
}
}
return $can_be_attack;
}
