On WebProNews.com, there's a brief tutorial on using regular expressions, specifically for filtering "names" entered by users.

One important use of Regular Expressions (Regex) is to verify fields submitted via a form. In this article, we attempt to write an expression that is able to verify the user's first name, middle name, last name or just names in general.

The expression should allow names such as "Mary", "Mr. James Smith" and "Mrs O'Shea" for example. So the challenge here is to allow spaces, periods and single quotation marks in the name field and reject any other characters.

Their examples use the preg_* functions in PHP to work, first looking for any invalid characters in the string(s), then amending it to ensure that there aren't any numbers involved either. The few lines of code it takes are included as well.

On GoodPHPTutorials.com, there's this helpful tutorial that anyone working with any sort of website that has a database backend should look into - a brief look at SQL injections with PHP and MySQL.

SQL injections are a major security risk in many PHP applications. Injections are caused when a web developer allows the end-user to manipulate a variable that is being inserted into a database query string, generally through the $_GET, $_POST or $_SESSION superglobals. When a value isn't verified, major problems can occur. Since MySQL is the most commonly used database platform for PHP applications, it seemed appropriate to write an article specifically related to that.

They cover different topics that you'll need to protect yourself against a basic level of SQL injections - the key is the validation of your data. They have code examples to help you along and explain each step, including outputting the data to the page (where things like cross-site scripting issues can occur).