Q1 - eh? Dunno why you would want to do this but here you go anyway :-D
"SELECT * FROM users WHERE BINARY `uname` = '$l'"
That makes your search case sensitive
Q2 - simplest way is to just regex is
$newString = preg_replace("/[^a-zA-Z0-9]+/", "", $oldStringWithLoadsOfNaughtyStuff);
if($newString !== $oldStringWithLoadsOfNaughtyStuff){
//naughty characters must be there as strings do not match.
echo "naughty Naughty - you have enter illegal characters - only letters and numbers please";
}else{
//all good here
}