You shouldn't trust any inputs from users.
This section of the PHP manual may be useful.
http://jp.php.net/manual/en/security.php
http://jp.php.net/manual/en/security.variables.php
http://jp.php.net/manual/en/function.addslashes.php
You may need to write your own addslashes and stripslashes depends
I have created a news script and to my dismay, the script is breaking when
there is a single quote - ' - in a form that goes to the database. Any
solutions?
The text of the script is below.
---
E3 Confirm News
E3 Confirm News Page
Make the necessary edits and the story will be considered "live
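
The single-quote failure described in the question, reproduced as an added example that is not part of the original thread or the poster's script. It uses PDO prepared statements rather than the addslashes approach mentioned in the reply, and runs against an in-memory SQLite database so no server is needed. The `news` table, its columns, the function names and the form values are assumptions made up for the illustration.

```php
<?php
// Added example: table, columns and input are constructed, not taken from the original script.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE news (id INTEGER PRIMARY KEY, headline TEXT, body TEXT)');

// Constructed form input containing single quotes.
$form = ['headline' => "Editor's picks", 'body' => "It's live."];

// Broken: the quote inside the value closes the SQL string literal early,
// so the rest of the text is parsed as SQL and the statement fails.
function insert_concatenated(PDO $db, array $form): bool
{
    $sql = "INSERT INTO news (headline, body) VALUES ('"
         . $form['headline'] . "', '" . $form['body'] . "')";
    try {
        $db->exec($sql);
        return true;
    } catch (PDOException $e) {
        echo "concatenated query failed: ", $e->getMessage(), "\n";
        return false;
    }
}

// Fixed: placeholders send the values separately from the SQL text,
// so quotes in the input are stored as data and never parsed as SQL.
function insert_prepared(PDO $db, array $form): bool
{
    $stmt = $db->prepare(
        'INSERT INTO news (headline, body) VALUES (:headline, :body)'
    );
    return $stmt->execute([
        ':headline' => $form['headline'],
        ':body'     => $form['body'],
    ]);
}

insert_concatenated($db, $form); // reports a syntax error, nothing is stored
insert_prepared($db, $form);     // stores the text unchanged

// Only the row from the prepared statement is present.
foreach ($db->query('SELECT headline, body FROM news') as $row) {
    echo $row['headline'], ' | ', $row['body'], "\n";
}
```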