After having two conversation on escaping data for MySQL insertion within 5 minutes of each other in ##[email protected], I decided to created a cheat sheet on Filtering & Escaping in general.
I think what most people are not aware of is that not just outputting to the browser is output. So is querying a database, or calling one of the exec functions, or even using the mail function (not mentioned on the cheat sheet, perhaps for v2
Filtering & Escaping Cheat Sheet (PDF) – Grab it now!
Anyhow, I hope people find this useful!