WHERE clause with Special character in MySQL and PHP query and prepared statement

Special character issue in php query can be solved by using:

WHERE _utf8'string'

https://dev.mysql.com/doc/refman/8.0/en/string-literals.html

this unfortunately does not work for prepared statement.

Instead set the character set for the connection to utf-8 using

$conn->set_charset("utf8")

https://www.php.net/manual/en/mysqli.set-charset.php

if (!$conn->set_charset("utf8")) {
    printf("Error loading character set utf8: %s\n", $conn->error);
    exit();
} else {
    printf("Current character set: %s\n", $conn->character_set_name());
}

If your string might include backslash, escaping the string will do the trick:

$city = mysqli_real_escape_string($link, $city);

php.net/manual/en/mysqli.real-escape-string.php