I have the following code:
$nome = $_POST['nome'];
$ip = preg_replace("/[^a-zA-Z0-9\.]/", "", $_POST['ip']);
$porta = preg_replace("/[^0-9\s]/", "", $_POST['porta']);
$site = preg_replace("/[^a-zA-Z0-9\.]/", "", $_POST['site']);
I'm handling some variables with the exception of one, as it needs to accept accentuation, how do I treat this variable correctly to avoid SQL Injection
? And get her to accept accents, strokes, and brackets?