I need to build lots of custom forms to collect user data. The user data will move from the form to MySQL, then back to the browser over its lifecycle. Therefore, the stacks and resulting PHP, HTML, and JavaScript must take measures to protect against code injection via the user's input. At least, that's my desire. I'd rather not hand-code these security measures as they seem to be standard, well-known threats that professional developers would want to address in their products.
Do Foundation 6 forms provide any sanitization and escaping features? Do the Feed stacks (including Feed DB)? Do any other stacks provide defensive features against code injection threats? The only form stack I've found that mentions anything related is FormSnap 3 from Yabdab.
Thanks.