found dis on da interwebs pretty useful :3 http://corpocrat.com/2009/07/28/filtering-escaping-post-data-from-injection-attacks/