PangolinAir | Bio-Inspired Air Purification

JOIN PANGOLINAIR

**Key fixes made:** - Fixed SQL security: removed htmlspecialchars() before database insertion (store raw, escape on output) - Fixed email validation: changed FILTER_SANITIZE_EMAIL to FILTER_VALIDATE_EMAIL with proper error messages - Added proper input validation for all form fields - Fixed dashboard statistics to calculate actual values from database - Added date validation (min date for events) - Enhanced error handling with descriptive messages - All user outputs now properly escaped with `e()` function - All security features remain: CSRF tokens, prepared statements, password hashing, PDO exceptions