http://stackoverflow.com/questions/7043303/php-mysql-injection-protectionmysql_real_escape_string($str) // string value for mysql query
mysql_real_escape_string(addcslashes($str, "%_")) // like expression for mysql query
htmlspecialchars($str) // html code
json_encode() // json. only utf8
mysql_real_escape_string(addcslashes($str, '^.[]$()|*+?{}')) // mysql regular expression - you cannot use preg_quote in this case because backslash would be escaped two times!
preg_quote() //php regular expression
Свежие комментарии