htmlspecialchars & htmlspecialchars_decode
To handle input properly, i.e. all those ", `, and ' characters, be sure to use htmlspecialchars to convert them before writing to the table. Then use htmlspecialchars_decode to decode the value before display. This also works with UTF-8, but not with some of the other encodings, so special handling is needed to detect and handle them.
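The round trip and the encoding problem described above, as an added example that is not part of the original post. The helper names `to_utf8` and `encode_for_storage`, the candidate encoding list and the sample strings are assumptions made for illustration.

```php
<?php
// Added example. encode_for_storage() and to_utf8() are hypothetical helper names.
declare(strict_types=1);

// Pass flags explicitly: before PHP 8.1 the default (ENT_COMPAT) left ' unescaped.
const ESC_FLAGS = ENT_QUOTES | ENT_SUBSTITUTE;

// Normalise input to UTF-8. The candidate list is an assumption about what
// this application receives; single-byte legacy encodings cannot be told
// apart reliably, so keep the list as short as the real inputs allow.
function to_utf8(string $raw, array $candidates = ['UTF-8', 'ISO-8859-1']): string
{
    if (mb_check_encoding($raw, 'UTF-8')) {
        return $raw;
    }
    $enc = mb_detect_encoding($raw, $candidates, true);
    if ($enc === false) {
        throw new InvalidArgumentException('input is not in an expected encoding');
    }
    return mb_convert_encoding($raw, 'UTF-8', $enc);
}

function encode_for_storage(string $raw): string
{
    return htmlspecialchars(to_utf8($raw), ESC_FLAGS, 'UTF-8');
}

// Constructed sample inputs.
$quotes = "\"double\" 'single' `backtick` <b>&";
$latin1 = "caf\xE9";            // "café" in ISO-8859-1, invalid as UTF-8

$stored = encode_for_storage($quotes);
var_dump($stored);              // backticks are not in htmlspecialchars' table
// Decoding restores the original characters, markup characters included.
var_dump(htmlspecialchars_decode($stored, ENT_QUOTES) === $quotes);

// Without ENT_SUBSTITUTE, invalid UTF-8 makes htmlspecialchars return ''.
var_dump(htmlspecialchars($latin1, ENT_QUOTES, 'UTF-8') === '');
// After detection and conversion the value survives the round trip.
var_dump(htmlspecialchars_decode(encode_for_storage($latin1), ENT_QUOTES));
```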
How simple an idea... and how come I never pay attention?