added mysql real scape (for sql injection protection) on top of jtml …

…specialchar(which is for xss hijack protection)

src/Mysql.php

@@ -131,7 +131,15 @@ private static function sanitizer($input)
         }
         else if($type === 'string')
         {
-            return htmlspecialchars($input);
+            $mysqli = new \mysqli(
+                self::$host,
+                self::$user,
+                self::$password,
+                self::$database,
+                self::$port,
+            );
+
+            return $mysqli->real_escape_string(htmlspecialchars($input));
         }
 
     }