In PHP when submitting strings to the database should I take care of illegal characters using htmlspecialchars() or use a regular expression?

Question

I am working on a form with the possiblity for the user to use illegal/special characters in the string that is to be submitted to the database. I want to escape/negate thes

Answer 1

This is not a problem you want to tackle on your own. There are libraries out there to do this for you, such as the HTML Purifier.