<?foreach($_GET as $key=>$value){$_GET[$key]=mysql_escape_string(stripcslashes(htmlspecialchars($value)));}foreach($_POST as $key=>$value){$_POST[$key]=mysql_escape_string(stripcslashes(htmlspecialchars($value)));}?>