Search code snippets, questions, articles...

Encode html special characters and real escape string in php

    $fullname = trim($_POST['name']);
    $fullname = htmlspecialchars($fullname);
    $fullname = $conn->real_escape_string($fullname);

If you want to encode a string in PHP which has HTML tags and special characters you can use htmlspecialchars() function and real_escape_string() function which will encode HTML tags and special characters. This will prevent XSS and SQL injection attack on your application.

Was this helpful?
Programming Feeds
Learn something new everyday on Devsheet