Anyone know any good functions (or know where to find one) that will filter out characters or insert escape characters into strings where the string might possibly break an SQL statement (or print out malicious HTML or JavaScript)?
For example, replacing " with \" and < with &lt; etc.
Thanks.
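
An added example, not part of the original post: it contrasts the character replacement described above with handling each output context separately, using a bound parameter for SQL and encoding for HTML only at render time. Python and SQLite are assumptions (the post names no language or database), and the function names, the `comments` table and the sample string are constructed for illustration.

```python
import html
import sqlite3

# Constructed sample input containing the characters the post mentions.
SAMPLE = 'Tom "T" O\'Neil <script>alert(1)</script>'


def naive_escape(value: str) -> str:
    """The replacement the post describes: " -> \\" and < -> &lt;."""
    return value.replace('"', '\\"').replace("<", "&lt;")


def naive_sql_breaks(value: str) -> bool:
    """Splice the 'escaped' text into a statement; True if SQLite rejects it."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE comments (body TEXT)")
    # The single quote is untouched by naive_escape, so the literal ends early.
    sql = "INSERT INTO comments (body) VALUES ('" + naive_escape(value) + "')"
    try:
        conn.execute(sql)
        return False
    except sqlite3.Error:
        return True
    finally:
        conn.close()


def store_and_fetch(value: str) -> str:
    """Round-trip the raw value through SQLite using a bound parameter."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE comments (body TEXT)")
    # The driver passes the value as data; it is never parsed as SQL text.
    conn.execute("INSERT INTO comments (body) VALUES (?)", (value,))
    (body,) = conn.execute("SELECT body FROM comments").fetchone()
    conn.close()
    return body


def render_comment(value: str) -> str:
    """Encode for an HTML text or quoted-attribute context at output time."""
    return "<p>" + html.escape(value, quote=True) + "</p>"


if __name__ == "__main__":
    print("naive statement rejected:", naive_sql_breaks(SAMPLE))
    print("stored unchanged:", store_and_fetch(SAMPLE) == SAMPLE)
    print(render_comment(SAMPLE))
```

The stored value stays byte-for-byte what the user typed, so the same row can later be encoded differently for another context, such as JSON or a URL.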