Use of a regular expression to match each data before processing can help.
To limit text to A-Z or a-z or 0-9 or _ characters, use following method.
Code: Select all
$pattern = '/^[a-zA-Z0-9]+$/';
echo preg_match($pattern,'Expertcore');
Similarly, if waiting for a $_GET based Record ID which needs to have only numbers, following method can be used.
Code: Select all
$pattern = '/^[0-9]+$/';
echo preg_match($pattern,'453');