When to sanitize PHP & MySQL code before being stored in the database or when its being displayed?

一向 2021-01-06 10:29

Okay, I was wondering when I should sanitize my code: when I store it in the database, when I have it displayed on my web page, or both?

I ask this question beca

5 answers
  •  轮回少年
    2021-01-06 10:55

    When you are putting something in the database, you make sure it's safe to put in the database.

    When you are about to display something in a browser, you make sure it's safe to display it in the browser.

    If you make something browser-safe before you put it in the database, then you are now picking up the habit of trusting that things will be browser-safe when they come out of the database. It's not a good habit to trust user data, even if you're pretty sure you cleaned it previously. It also makes it easy to forget to sanitize before output if you're using someone else's database or code.
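    The two layers this answer describes, shown in PHP as an added example that is not part of the original thread: a parameterised query keeps the stored text raw, and HTML escaping happens only at display time. An in-memory SQLite database stands in for MySQL, and the table and function names are assumptions.

```php
<?php
// Added example: store raw user input with a prepared statement, escape for
// HTML only at output time. SQLite in memory stands in for MySQL (assumption).
declare(strict_types=1);

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT NOT NULL)');

// Storage layer: the prepared statement keeps data and SQL separate, so the
// text is stored exactly as typed. No HTML escaping belongs here.
function storeComment(PDO $db, string $body): int
{
    $stmt = $db->prepare('INSERT INTO comments (body) VALUES (:body)');
    $stmt->execute([':body' => $body]);
    return (int) $db->lastInsertId();
}

function loadComment(PDO $db, int $id): string
{
    $stmt = $db->prepare('SELECT body FROM comments WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return (string) $stmt->fetchColumn();
}

// Output layer: escape for the HTML context at the moment of display.
// ENT_QUOTES also covers attribute values; the charset must match the page's.
function renderComment(string $body): string
{
    return htmlspecialchars($body, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed sample input containing both an SQL quote and an HTML tag.
$input = "Bob's review: <script>alert(1)</script> 5/5 \"great\"";

$id = storeComment($db, $input);
$stored = loadComment($db, $id);

// The database holds the original text, so other consumers (a JSON API,
// a plain-text e-mail, a search index) get it unchanged, not pre-escaped HTML.
assert($stored === $input);

// The browser gets the escaped form: the tag is displayed as text, not run.
echo '<p>' . renderComment($stored) . "</p>\n";

// Escaping before storage instead would put "&lt;script&gt;" in the database,
// and an output path that escapes again (as it should) would show "&amp;lt;script&amp;gt;".
```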
