Leaderboard

Using filter_input_array with FILTER_SANITIZE_FULL_SPECIAL_CHARS for both $_GET and $_POST can provide an additional layer of security by sanitizing input data. However, keep in mind that it may cause unintended behavior if applied indiscriminately to all input. It's generally considered safe, especially when combined with htmlspecialchars, but ensure it doesn't interfere with any specific requirements or data types in your application. Best Regard Danish Hafeez | QA Assistant ICTInnovations

I like to use data attribute on these occasions. NOTE: use a class name for the selects and another for the inputs. Don't use ids. Maintain a count of how many comments the user adds and increment each time they add a new one. When creating a new select and input, give them both a data-id attribute with the value of the count. When emoji selected, get the value of the select's data-id. Look for the input with the same data_id and insert the emoji.

Then use the actual name of your PDO connection object instead of $pdo. My apologies for not being psychic.