What Moritz says about using a placeholder is definitely the way to go vis. avoiding SQL injection.

If you want a simple way to make it HTML safe, you can do that before you put it in the DB or after, when you take it out and want to use it in a page (depending what else is done with the data). There are lots of modules, etc., for doing this but the major issue is the < and >, and ' if you use JavaScript:

    $string =~ s/</&lt;/g;
    $string =~ s/>/&gt;/g;
    $string =~ s/'/&#39;/g;

Hopefully you recognize what that is for. There is a chart of all HTML "escape" codes at http://www.lookuptables.com/

In reply to Re: regex challenged by halfcountplus
in thread regex challenged by grashoper
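
An added example, not part of the post above or of the thread: the post's three substitutions next to a single-pass escaper that also handles & and ", which goes beyond the characters the post names. The sub names `escape_html` and `escape_three` and the sample strings are assumptions made for illustration.

```perl
use strict;
use warnings;

# Characters that change meaning in HTML text or in a quoted attribute value.
my %ENTITY = (
    '&' => '&amp;',
    '<' => '&lt;',
    '>' => '&gt;',
    '"' => '&quot;',
    "'" => '&#39;',
);

# One pass over the string: text produced by a replacement is never rescanned,
# so the order problem of chained s/// (escaping '&' after '<') cannot occur.
sub escape_html {
    my ($text) = @_;
    return '' unless defined $text;
    $text =~ s/([&<>"'])/$ENTITY{$1}/g;
    return $text;
}

# The three substitutions from the post, wrapped in a sub for comparison.
sub escape_three {
    my ($string) = @_;
    $string =~ s/</&lt;/g;
    $string =~ s/>/&gt;/g;
    $string =~ s/'/&#39;/g;
    return $string;
}

# Constructed sample inputs (not from the thread).
my @samples = (
    q{<b>bold</b>},         # markup characters
    q{Tom & Jerry's},       # bare ampersand plus single quote
    q{19" monitor},         # double quote, as in value="..."
    q{type &lt; for <},     # user typed an entity literally
);

for my $in (@samples) {
    printf "input : %s\nthree : %s\nfull  : %s\n\n",
        $in, escape_three($in), escape_html($in);
}
```

The last two samples are where the outputs differ in ways that matter: an unescaped " ends a double-quoted attribute value early, and an unescaped & lets text the user typed as `&lt;` render as `<` instead of being shown literally.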
