Copy this code and paste it in your HTML
//SANITIZE ALL DATA
$_COOKIE = array_map('stripslashes', $_COOKIE); $_REQUEST = array_map('stripslashes', $_REQUEST); endif;
$_GET = array_map('mysql_real_escape_string', $_GET); $_POST = array_map('mysql_real_escape_string', $_POST); $_COOKIE = array_map('mysql_real_escape_string', $_COOKIE); $_REQUEST = array_map('mysql_real_escape_string', $_REQUEST);