What checks should be done before adding form data to the database?

What mandatory checks should be done before adding data to the database from an HTML form?


Answer 1, authority 100%

trim(), strip_tags(), (int)[if you need a number].


Answer 2, authority 100%

mysql_real_escape_string();

Answer 3, authority 100%

I would also recommend using ereg_replace


Answer 4, authority 100%

Check the data to make sure it's not empty, escape it, remove anything superfluous, and, if you need to, convert it to a string or a number. In general, all the previous actions, except for what @Ale_x said, must be performed.


Answer 5

Switch to PDO to work with the database
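
The checks named in the answers above (trimming, an emptiness check, integer validation) combined with a PDO prepared statement, as an added example that is not part of any answer. The field names, the `users` table and the in-memory SQLite database (which needs the `pdo_sqlite` extension) are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample input standing in for $_POST (hypothetical field names).
$form = ['name' => "  O'Brien ", 'age' => '42', 'bio' => '<b>hello</b>'];

/** Validate the form fields; returns [cleanValues, errors]. */
function validate_form(array $in): array
{
    $errors = [];

    $name = trim((string)($in['name'] ?? ''));
    if ($name === '' || strlen($name) > 100) {
        $errors['name'] = 'Name is required (max 100 bytes).';
    }

    // FILTER_VALIDATE_INT rejects "42abc"; a bare (int) cast would turn it into 42.
    $age = filter_var($in['age'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 150]]);
    if ($age === false) {
        $errors['age'] = 'Age must be a whole number between 0 and 150.';
    }

    $bio = trim((string)($in['bio'] ?? ''));

    return [['name' => $name, 'age' => $age, 'bio' => $bio], $errors];
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT NOT NULL, age INTEGER NOT NULL, bio TEXT)');

[$clean, $errors] = validate_form($form);
if ($errors !== []) {
    print_r($errors);   // reject the submission, store nothing
    exit(1);
}

// Placeholders keep the values out of the SQL text, so no manual escaping is needed.
$stmt = $pdo->prepare('INSERT INTO users (name, age, bio) VALUES (:name, :age, :bio)');
$stmt->bindValue(':name', $clean['name'], PDO::PARAM_STR);
$stmt->bindValue(':age', $clean['age'], PDO::PARAM_INT);
$stmt->bindValue(':bio', $clean['bio'], PDO::PARAM_STR);
$stmt->execute();

// The apostrophe is stored as literal text; HTML-escape when the value is displayed.
$row = $pdo->query('SELECT name, age, bio FROM users')->fetch(PDO::FETCH_ASSOC);
echo htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8'), ' / ', $row['age'], "\n";
echo htmlspecialchars($row['bio'], ENT_QUOTES, 'UTF-8'), "\n";
```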