You should usually validate user data in PHP before you store it code example
Example: sanitize form data php
# sanitize form data
function clean($data)
{
$data = htmlspecialchars($data);
$data = stripslashes($data);
$data = trim($data);
return $data;
}