Does FILTER_VALIDATE_EMAIL make a string safe for insertion in database?

借酒劲吻你 2020-12-11 19:35
$str = '"mynam@blabl"@domanin.com';

filter_var($str, FILTER_VALIDATE_EMAIL);//return valid email.

The above email returns true... Fair enough

5 answers
  •  暗喜 (original poster)
    2020-12-11 19:50

    My question is: if you validate an email using the above, could an email carry SQL injections that can harm the DB even though you have filtered it with filter_var?

    filter_var is not a replacement for database-specific sanitation like mysql_real_escape_string()! One needs to always apply that, too.
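
The two-step handling discussed in this thread, as an added example that is not part of the original posts: validate with FILTER_VALIDATE_EMAIL, then pass the value to the database as a bound parameter. It uses PDO prepared statements rather than the escaping function named in the answer, and assumes the pdo_sqlite extension is available; the `subscribers` table and the sample addresses other than the one from the question are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample inputs. The first is the address from the question;
// the second carries an apostrophe, which is legal in an email local part.
$candidates = [
    '"mynam@blabl"@domanin.com',
    "o'brien@example.com",
    'not-an-email',
];

// In-memory SQLite database with a hypothetical table, so this runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE subscribers (id INTEGER PRIMARY KEY, email TEXT NOT NULL UNIQUE)');

// The placeholder keeps the value out of the SQL text, so any quote
// characters in it are treated as data and never parsed as SQL.
$insert = $pdo->prepare('INSERT INTO subscribers (email) VALUES (:email)');

foreach ($candidates as $raw) {
    // Step 1: validation only answers "is this shaped like an email address?"
    $email = filter_var($raw, FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        echo "rejected: {$raw}\n";
        continue;
    }

    // Report which SQL string delimiters are still present after validation.
    $present = array_filter(["'", '"'], function ($c) use ($email) {
        return strpos($email, $c) !== false;
    });
    $label = $present ? implode(' ', $present) : 'none';
    echo "valid: {$email} (quote characters still present: {$label})\n";

    // Step 2: binding answers "how does the value reach the database safely?"
    $insert->execute([':email' => $email]);
}

// Read the rows back to confirm each value was stored unchanged.
foreach ($pdo->query('SELECT email FROM subscribers ORDER BY id') as $row) {
    echo "stored: {$row['email']}\n";
}
```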
