I would like to use string vars on a safe but universal way for using them in PHP code such as the example below. i've seen htmlspecialchars() but i don't think it's the best i can get for what i need. and mysql functions are definetly not a solution (things like mysql_real_escape_string are deprecated anyway).
what do you guys think would be the best solution for following situation:
$password = $_POST['password'];
$password_check = $_POST['password_check'];
//make $password and $password_check safe
if($password != $password_check)
{
$errors[] = 'The two passwords did not match';
}
thanks
