Since it seems that you are receiving data from an external source, it may be better to filter out all the characters that you do not expect. What this will include will vary depending on what the variable is for. For example, if you expect this to be one simple word, you can delete everything that is not a letter.
$str = preg_replace("/[^a-zA-Z]/", "", $str);
Just be careful to think about what is and is not allowed. In the above code, characters with an accent are deleted, for example.