A quick hack to make it easier to sanitize outputs en masse before displaying them to the user.

sanitize.php

<?php

    function sanitize_for_html(&$entity, $flags = ENT_QUOTES) {
        if (is_array($entity)) {
            $iterator = $entity;
        }
        elseif (is_object($entity)) {
            $iterator = get_object_vars($entity);
        }
        else {
            $entity = htmlentities($entity, $flags);
            return $entity;
        }

        foreach ($iterator as $field => $value) {
            $clean = sanitize_for_html($value);

            if (is_array($entity)) {
                $entity[$field] = $value;
            }
            else {
                $entity->$field = $value;
            }
        }

        return $entity;
    }

?>