How can one ensure the integrity of data when handling form inputs in PHP before inserting them into a database?

To ensure the integrity of data when handling form inputs in PHP before inserting them into a database, one should sanitize and validate the input data to prevent SQL injection attacks and ensure data consistency. This can be done by using functions like mysqli_real_escape_string() to sanitize input data and regular expressions or PHP filter functions to validate the input. 

// Assuming $conn is the database connection object

// Sanitize input data
$name = mysqli_real_escape_string($conn, $_POST['name']);
$email = mysqli_real_escape_string($conn, $_POST['email']);

// Validate input data
if(filter_var($email, FILTER_VALIDATE_EMAIL)) {
    // Insert sanitized data into the database
    $query = "INSERT INTO users (name, email) VALUES ('$name', '$email')";
    mysqli_query($conn, $query);
} else {
    echo "Invalid email address";
}

Keywords

SQL injection data validation prepared statements htmlentities input filtering

Related Questions