https://www.php-resource.de/en/php-manual/function.mysql-escape-string.html