PHP Security – Escape proof SQL injection in ORDER BY clause. White-list the columns your page is allowed to sort on.