Busegeksvog
New Member
I know there is no harm in adding it either way but I'm curious...If I was to use htmlentities(); with ENT_QUOTES and then mysql_real_escape_string(); the variable before entering it into the Database, then just use html_entity_decode(); along with stripslashes(); to display the information...Would this still be safe and secure?