Inserting hyperlink into MySQL table

[MFA]

Could someone please give me advice or redirect me to helpful information on how to safely insert hyperlinks into a MySQL table by members/users of my site. I am particularly concerned about security. Many thanks.

[MFA]

At the minute, I'm using prepared statements for safely inserting the link and specialchars function when outputting it. Have I missed anything?

[Psycho]

To safely store any value int he database you just need to ensure the value is properly escaped. Prepared statements is the best way to do that. However, you also need to make sure that outputting those values to the page is done safely. Normally, you would escape the content for output to an HTML page so none of it is interpreted as HTML. E.g. convert "<b>" to "<b>". That can be done with htmlspecialchars () and htmlentities (). But, if you want these to be actual hyperlinks, that won't work. You will want some way to escape HTML code, but then to convert any hyperlinks in the code to actual hyperlink int he output. This should be done by parsing the links in the raw data and dynamically creating hyperlinke. This way you can add some filtering to the process to prevent potentially dangerous content in the hyperlink. But, you can't prevent someone from adding a hyperlink to a malicious site.