insert into education (info) values (:thispost)

Check your input data before inserting it into an SQL Query.

The issue of SQL-Injection has been raised since like 5 years ago, and still there are people who keep ignoring it.

If you’re using PHP to query your database, make sure you’re not inserting crap first.

The easiest things you can do, and you can make it pretty complicated, are the following:

Check integers and ID’s given by the user

    if ( !is_numeric( $userinteger ) ) {
       return false;
    }

Don’t just insert strings, escape them

    $sql = "select * from users where username=':user' and password=SHA1(':pass')";
    $sql = str_replace( ":user", mysql_real_escape_string($user), $sql );
    $sql = str_replace( ":pass", mysql_real_escape_string($pass), $sql );
    $res = mysql_query( $sql );

And stop using MD5.