Here is how you can sanitize the entire GET array in PHP using filter_input_array with FILTER_SANITIZE_ENCODED. In this example, suppose someone passes a malicious +OR+1=1-- as a query string:

https://example.com/sale?category=Gifts%27+OR+1=1--

Now, let's try sanitizing. The effect is the same as putting htmlspecialchars(), but this method is useful if you have a large…
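The call described above, as an added example that is not code from the original post: it filters the whole GET array in one call and prints each value next to its htmlspecialchars() form so the two outputs can be compared. The helper name sanitized_get() and the SAMPLE_GET array are assumptions made for this illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample: what $_GET holds after PHP decodes
// ?category=Gifts%27+OR+1=1--&q=<b>sale</b>&page=2
const SAMPLE_GET = [
    'category' => "Gifts' OR 1=1--",
    'q'        => '<b>sale</b>',
    'page'     => '2',
];

/**
 * sanitized_get() is a hypothetical helper, not a PHP built-in.
 * Web request: filter the real GET array in one call.
 * CLI (no GET array): run the same filter over the constructed sample.
 */
function sanitized_get(): array
{
    if (PHP_SAPI === 'cli') {
        $clean = filter_var_array(SAMPLE_GET, FILTER_SANITIZE_ENCODED);
    } else {
        $clean = filter_input_array(INPUT_GET, FILTER_SANITIZE_ENCODED);
    }
    // filter_input_array() returns null when no GET data is present
    // and false on failure; normalise both to an empty array.
    return is_array($clean) ? $clean : [];
}

$clean  = sanitized_get();
$source = PHP_SAPI === 'cli' ? SAMPLE_GET : $_GET;

foreach ($clean as $name => $value) {
    $raw = $source[$name] ?? null;
    if (!is_string($raw) || !is_string($value)) {
        continue; // array-valued parameters are left out of this printout
    }
    // Everything echoed is either filtered or HTML-escaped.
    printf(
        "%s\n  FILTER_SANITIZE_ENCODED: %s\n  htmlspecialchars():      %s\n",
        htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8'),
        $value,
        htmlspecialchars($raw, ENT_QUOTES, 'UTF-8')
    );
}
```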