
help patch some php


ghost's Avatar
0 0

OK, I have to patch this for a challenge somewhere else, and I believe I am doing it right, but it's saying no.

```php
 1. <?php
 2. if(isset($_POST['submit']))
 3. {
 4.     $user = $_POST['user'];
 5.     $pass = $_POST['pass'];
 6.
 7.     if($user == "admin" && $pass == "pass132")
 8.     {
 9.         echo "Logged in";
10.     } else {
11.         echo "I'm sorry {$user}, the password you entered is incorrect.";
12.     }
13.
14. } else {
15.     echo "<form action='' method='post'>".
16.     "Username: <input type='text' name='user'><br>".
17.     "Password: <input type='password' name='pass'><br>".
18.     "<input type='submit' name='submit' value='Login'>".
19.     "</form>";
20. }
21.
22. ?>
```

I believe it is

line = 11

patched line = echo striptags("I'm sorry {$user}, the password you entered is incorrect.");

exploit type = XSS

Any help? I know it's probably something simple that I'm overlooking.

ghost's Avatar
0 0

strip_tags is the name of the function.


ghost's Avatar
0 0

Nope, still isn't working.


ghost's Avatar
0 0

Try different names for the exploit.


ghost's Avatar
0 0

I've tried xss, XSS, cross site scripting, Cross Site Scripting.

Nothing. Maybe it's down.


ghost's Avatar
0 0

Also, you could try sanitizing the variable before it becomes a variable.


ghost's Avatar
0 0

No, it won't accept doing that either.


ghost's Avatar
0 0

You're probably not doing the full solution… or you're still doing the solution in the wrong place. Remember, it's a simulated challenge; you have to pick the best place to patch it, not just a good one.
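
An added example, not part of the thread and not the challenge's accepted answer: it renders the line-11 message three ways (as posted, through `strip_tags()`, and through `htmlspecialchars()`) so the difference between filtering tags and encoding output is visible. The function names and sample usernames are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Added example (not from the thread). Function names are hypothetical.
const MESSAGE = "I'm sorry %s, the password you entered is incorrect.";

// Line 11 as posted: the submitted username reaches the page unchanged.
function render_unpatched(string $user): string
{
    return sprintf(MESSAGE, $user);
}

// strip_tags() deletes anything it parses as a tag. It is a filter, not an
// encoder: characters such as & and quotes pass through as-is, and text that
// merely resembles a tag is lost.
function render_strip_tags(string $user): string
{
    return sprintf(MESSAGE, strip_tags($user));
}

// Output encoding at the point of echo: &, <, > and both quote characters
// become entities, so the browser shows the username as text.
function render_encoded(string $user): string
{
    $safe = htmlspecialchars($user, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return sprintf(MESSAGE, $safe);
}

// Constructed sample usernames; none comes from the challenge.
$samples = ['alice', '<b>alice</b>', 'alice <alice@example.test>', 'R&D "team"'];

foreach ($samples as $user) {
    echo "input:      {$user}\n";
    echo "unpatched:  " . render_unpatched($user) . "\n";
    echo "strip_tags: " . render_strip_tags($user) . "\n";
    echo "encoded:    " . render_encoded($user) . "\n\n";
}
```

Run it with the PHP CLI and compare the three output lines for each input; only the encoded form keeps every character of the username while leaving nothing for the browser to parse as markup.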