PHP function for check Sql Injection


config.php

<?php
 define('DB_SERVER', 'localhost');  
 define('DB_USERNAME', 'root');
 define('DB_PASSWORD', '');
 define('DB_DATABASE', 'student_db');
 
 
 
 define('PROJECT_NAME','Student Tutorial');
 define('SERVER_NAME','localhost');


class DB_Class
{
    function __construct()
    {
        $connection = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD,DB_DATABASE) or die('Oops connection error -> ' . mysqli_connect_error());
    }
}
$connection = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD,DB_DATABASE) or die('Oops connection error -> ' . mysqli_connect_error());

/**********************General WebSite Settings************************************/
date_default_timezone_set("UTC");
?>

class.dbFunctions.php

<?php
public $dbcon;
class Dbfunctions{
    /* Database connect */
    public function __construct(){      
        $this->dbcon = mysqli_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD,DB_DATABASE) or die('Oops connection error -> ' . mysqli_connect_error());                                
    }
    public function checkXssSqlInjection($string='',$stripTag=true,$htmlspecialcharacter=true,$mysql_real_escape=true){
        if($stripTag){
            $string=strip_tags($string);
        }
        if($htmlspecialcharacter){
            $string=htmlspecialchars($string, ENT_QUOTES, 'UTF-8');
        }
        if($mysql_real_escape){
            $string=mysqli_real_escape_string($this->dbcon,$string);
        }
        return $string;
    }
}