I have been using the following preg match to ensure only correct email addresses are used. However it allows name@company to be entered.

Are there solid and reliable preg matches which should be used for email and standard data input such as name and company name.

How can I prevent someone from injecting code into the DB?

  if(preg_match("/[a-zA-Z0-9-.+]+@[a-zA-Z0-9-]+.[a-zA-Z]+/", $emailaddress) == 0 && !$error) {
        $error = "The email you entered is not valid.";