Filtering input may also be helpful in protecting against SQL injection by removing escape characters.