Learn to protect your database against SQL injection using MySQLi. Today we will learn how to protect our database from SQL injection using MySQLi. The MySQLi function is called mysqli_real_escape_string(), and helps escape any form text that the user passes on from the website, in case they try to inject code into our database. In the next episode we will learn how to interact with our database using Prepared Statements, which is a preferred method of interacting with databases, since it is safer and in some cases faster.