Originally Posted by silver_moon
This can allow a hacker to inject some html/js code in the page.
But thats only temporary and for that one user. Unless this data is made publically available (eg on a guestbook) then this won't affect other users of the site.
For that matter the use of strip_tags() would be more appropriate.