Help making sure my data goes in and comes out clean from my MySQL

[cooldude832]

I have a site that will have non computer savy users inputting a large amount of data into my MySQL table and I want to ensure no dangerous code gets in and that info comes back the way it is entered.  For example I entered a name like j'izzle and it comes back j/'zzle from the $_POST var and i want to make sure it goes in the table okay.  Any tips on this I have done a lot of the basic stuff like dates I make sure are selects, but I need just need to know what to watch out for

[pocobueno1388]

mysql_real_escape_string() is a good function to use when putting information into the database.

 

Just make sure you do good input checking before anything is inserted into the database. Also make sure the users can't submit HTML, or limit what they can use.

 

There are lots of security tutorials out there, you just have to google it.