Hi, I am in the process of securing my order form but I don’t know what to do for the first name, last name, address line 1 & line 2 and city. All the fields like zip code, email, phone number have very strong regular expressions to validate the input, prevent unintentional errors and provide protection against sql injection. SO my question is how should I validate first name, last name, address line 1 & line 2 and city. I know I won’t be able to fully protect these fields against errors but I at least need protection from sql injection. Should I just use mysql_real_escape_string() on these fields? but what if theres a backslash in the input that is supposed to be there but is removed when I call strip slashes? Thanks