Receive input from users and user mysqli_real_eacape_string.
$name = mysqli_real_escape_string($_POST[‘name’]);
$pasword= mysqli_real_escape_string($_POST[‘password’]);
$query = “INSERT INTO Persons (Name, Password) VALUES (‘$name’, ‘$password’)”;
PHP 5.2 introduced the filter_var function
$email = “test@domain.com”;
if(filter_var($email, FILTER_VALIDATE_EMAIL))
{
echo(“$email is a valid email address”);
}
else
{
echo(“$email is not a valid email address”);
}