Sanitizing forum comments

7 replies [Last post]
Acetolyne
Offline
Neophyte
Joined: 2011/11/02

hey all I have been using php for a while so I am aware of how to sanitize data on a website from SQL injection however recently I have decided to make my own forum and have never sanitized a string that contains BBcode and can't find much on it via search engines. when I use mysql_real_escape_string() on it the output ruins the BBcode entries. Can anyone please advise how to handle this in a better way? what charcters should I sanitize from the data. Thank you for any help on this matter.