What potential pitfalls should be considered when accessing external systems in PHP?

One potential pitfall when accessing external systems in PHP is the risk of security vulnerabilities such as SQL injection or cross-site scripting attacks. To mitigate these risks, it is important to sanitize user input, validate data, and use prepared statements when interacting with databases. Additionally, always validate and sanitize data received from external systems to prevent injection attacks.

// Example of sanitizing user input to prevent SQL injection
$user_input = $_POST['user_input'];
$clean_input = mysqli_real_escape_string($connection, $user_input);
$query = "SELECT * FROM users WHERE username='$clean_input'";
$result = mysqli_query($connection, $query);