I need help to protect my code from mysqli injection and
$wiadomosc=filter_var($_POST[‘wiadomosc’], FILTER_SANITIZE_STRING); and every special character will be removed, but now my question is is this code protect me from mysqli injection such as a “DROP TABLE” ? I don’t want anyone to destroy everyhing. Can you tell me how to protect simple mail form and form where data is added to DB?
Thank you guys.
p.s I hvae no registration info or login form