Member Avatar for ElegantElephant

Just wondering if it normal and acceptable use both on one string before entering it into a database or displaying it?

For example:

$project_name = mysqli_real_escape_string($dbcon,htmlspecialchars($_POST['project_name']));
  • 1 Contributor
  • 1 Reply
  • 80 Views
  • 20 Hours Discussion Span
  • Latest Post Latest Post by ElegantElephant
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.