PHP MYSQL
(quick guide & example)
id name text
| INTEGER PRIMARY KEY | VARCHAR | TEXT
HIDDEN SCRIPT INSERTION $_POST = [ "name" => "Le Hackr", "text" => "<h1>Good product!</h1> <p>Foo Bar</p> <script>alert('POO PAR')</script>" ];
INSERT SQL STATEMENT $stmt = $pdo->prepare(" INSERT INTO `reviews` (`name`, `text`) VALUES (?, ?)");
CONNECT TO DATABASE $pdo = new PDO( "mysql:host=HOST;dbname=NAME;". "charset=utf8mb4", USER, PASSWORD);
TO STRIP ALL HTML TAGS $stmt->execute([ $_POST["name"], strip_tags($_POST["text"]) ]);
SELECTIVELY ALLOW SOME TAGS $stmt->execute([ $_POST["name"], strip_tags($_POST["text"], "<p><h1>") ]);
OR CONVERT TO HTML ENTITIES $stmt->execute([ $_POST["name"], htmlentities($_POST["text"]) ]);