I woke up today thinking about how to handle strings when inserting to MySQL. What if the string I am trying to save into the database contains HTML characters? Let’s say you are using FCKEditor, how would you “generally” handle strings to be inserted into your database? Because when I think of it, I don’t have a quick answer. I have to test it around until satisfied with the output.
If I am too strict of what to save — then I would have problems outputting the HTML into the browser. Tables would be messed up and form elements would not work.
So, how do you filter different kinds of data to be inserted into MySQL using Zend Framework? Kinds of data as in:
- Strings with HTML characters (mostly from a CMS form where it needs to render the HTML again)
- usernames (no special characters)
- what about encoding?