How to prevent sql injection on the Unity Side

I want to do some sanitation on input from the user before it gets sent to php for database insertion. In my particular application it doesn’t matter that much since only select people can put info into the database, but I do want to prevent problems like someone entering Andy’s or Rick!
I’ve tried trimming the string, I’ve tried replacing the string, so far nothing has worked. Anyone have a solution?

char[] charsToTrim = {"'", '"', '/', '\\', '!', "@", '#', '%', "()", ":"};

Error: Cannot implicitly convert type string' to char’
I tried changing the type to string which gives the same error.

Thanks in advance!

It’s completely pointless to do any sort of sql injection protection client side. PHP has proper escape functions. Just make sure the escaped values are always enclosed in quotes or even better use prepared statements.

Any clientside sanity checks should not alter the data. Clientside check should just check for potential issues, inform the user about the error and not executing the request at all. Automatic input alteration can lead to a lot issues in the future. For example if someone enters a username / string / password / whatever with a certain character and you strip it ot replace it he might not know what actual value got stored. If in the future your logic changes It will just break. So clientside sanity checks are never a security measure but only to inform the user about a mistake. Any actual security measures has to be implemented serverside.