Is strip_tags() in search.php working?
I was checking the search form to see if it stripped out potentially harmful code added to search strings. I see strip_tags and esc_attr in the code on search.php that is supposed to do this.
<?php printf( __("Search for '%s' returned %s results",'appthemes'), trim( strip_tags( esc_attr( get_search_query() ) ) ), $wp_query->found_posts ); ?>
If I search for <b>boat</b> it does not strip it out and the following is displayed.
Search for '<b>boat</b>' returned 0 results
I don't know enough yet to know if it's working correctly and just want to make sure our searches are being sanitized properly.