I plan to use the code below for adding records into MySQL in a secure way. My questions:
Does the code below need any improvement?
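    // $dbc (the mysqli connection) is passed in; it was not in scope inside the function before
    function safe_input_into_mysql(mysqli $dbc, $safe_str)
    {
        // Convert the input to UTF-8, guessing its current encoding
        $safe_str = mb_convert_encoding($safe_str, 'UTF-8', mb_detect_encoding($safe_str));
        // Escape the string according to the connection's character set
        $safe_str = mysqli_real_escape_string($dbc, $safe_str);
        return $safe_str;
    }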
In what way do you want the database records to be "secure"? Secure against what?
For communication with a database, you should use parameterised queries. That means there will not be a security risk at the database level. It does not mean the stored data might not be dangerous if used elsewhere (for example, output as part of an HTML document) in an unguarded fashion.
You mentioned that the table character set is UTF-8, but you don't mention the connection character set. You should also make sure the connection character set is set appropriately.
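The three points raised in the answers above (parameterised queries, an explicit connection character set, and escaping at output time), shown together as an added example that is not part of the original posts. The host, credentials, database, the `comments` table and its columns are placeholders, and `utf8mb4` is an assumed choice of connection character set.

```php
<?php
// Added example. Host, credentials, database, table and column names are
// hypothetical placeholders, not values from the original question.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // raise exceptions on DB errors

function open_db(): mysqli
{
    $dbc = new mysqli('localhost', 'app_user', 'app_password', 'app_db');
    // Set the connection character set explicitly so client and server
    // agree on how the bytes of each string are interpreted.
    $dbc->set_charset('utf8mb4');
    return $dbc;
}

function add_record(mysqli $dbc, string $author, string $body): int
{
    // Assumption of this example: refuse input that is not valid UTF-8
    // instead of guessing its encoding with mb_detect_encoding().
    foreach ([$author, $body] as $value) {
        if (!mb_check_encoding($value, 'UTF-8')) {
            throw new InvalidArgumentException('Input is not valid UTF-8');
        }
    }
    // Parameterised query: values are bound to the statement as data,
    // so no manual escaping is needed and none is applied.
    $stmt = $dbc->prepare('INSERT INTO comments (author, body) VALUES (?, ?)');
    $stmt->bind_param('ss', $author, $body);
    $stmt->execute();
    $id = (int) $stmt->insert_id;
    $stmt->close();
    return $id;
}

function render_body(string $body): string
{
    // The stored value is unchanged, so it is escaped here, at the point
    // where it is written into an HTML document.
    return htmlspecialchars($body, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample input containing a quote and HTML markup.
$dbc  = open_db();
$body = "It's <b>bold</b>";
$id   = add_record($dbc, "O'Brien", $body);
echo "Inserted row $id\n";
echo render_body($body), "\n";
```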