I have created a messenger, and after the user writes the message it is stored in the database in varchar format, at the time the recipient sees the message, if it was written with HTML tags, and Script tags this is displayed to the recipient. How can you prevent this from happening?