<div>
<div class="content wysiwyg-content">
mysql_query(&quot;insert into table1(column1) values (''$queryString&quot;);<br />
<br />
I am getting values from php $queryString<br />
which only has letters and numbers<br />
<br />
what code do I need to add &nbsp;to make $querySafe so no injection<br />
and do not want to use pdo
</div>
</div>


mysql_query("insert into table1(column1) values (''$queryString");

I am getting values from php $queryString
which only has letters and numbers

what code do I need to add  to make $querySafe so no injection
and do not want to use pdo

$queryString only letters and numbers

PHP is a widely-used server-side scripting language especially suited for web development, powering tens of millions of sites from Facebook to personal WordPress blogs. PHP is often paired with the MySQL relational database, but includes support for most other mainstream databases. By utilizing different Server APIs, PHP can work on many different web servers as a server-side scripting language.

MySQL is an open source, relational database management system that runs as a server providing multi-user access to a number of databases. Acquired by Oracle in 2009, it is frequently used in combination with PHP installations, powering most of the WordPress installations.