I'm using $_POST and am aware of MySQL exploits, so I decided to use this function at the top of my page so that all POST data will be safe. Can you tell me if I missed something, and whether this function will really do the job as I think it will?
function clean_post(){
    if ($_POST) {
        foreach ($_POST as $k => $v) {
            // Apply each step to the result of the previous one
            $v = stripslashes($v);
            $v = mysql_real_escape_string($v);
            // Greedy pattern: removes from the first '<' to the last '>'
            $_POST[$k] = preg_replace('/<.*>/', "", $v);
        }
    }
    if ($_COOKIE) {
        foreach ($_COOKIE as $k => $v) {
            $v = stripslashes($v);
            $v = mysql_real_escape_string($v);
            $_COOKIE[$k] = preg_replace('/<.*>/', "", $v);
        }
    }
}
It also removes all HTML tags; a safe option for output could be to use the result:
<pre>
$foo
</pre>
Cheers!
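An added example, not part of the original post: it shows what the `/<.*>/` pattern from the question does to ordinary text, then handles the same value per context instead, with a bound parameter for storage and `htmlspecialchars()` for output. It uses PDO with an in-memory SQLite database in place of the `mysql_*` functions; the `comments` table, the helper names and the sample input are assumptions made for the illustration.

```php
<?php
// Constructed sample input standing in for $_POST['comment'].
$input = "O'Reilly says <b>hi</b> and 1 < 2";

// 1. The greedy pattern from the question deletes everything between the
//    first '<' and the last '>', so legitimate text between tags is lost,
//    while a lone '<' with no closing '>' is left in place.
$stripped = preg_replace('/<.*>/', '', $input);
echo "regex result: ", $stripped, "\n";

// 2. Storage: bind the raw value as a parameter. The driver keeps data
//    separate from the SQL text, so the quote in "O'Reilly" needs no
//    escaping and the stored value is exactly what the user typed.
function save_comment(PDO $pdo, string $body): int
{
    $stmt = $pdo->prepare('INSERT INTO comments (body) VALUES (:body)');
    $stmt->execute([':body' => $body]);
    return (int) $pdo->lastInsertId();
}

function load_comment(PDO $pdo, int $id): string
{
    $stmt = $pdo->prepare('SELECT body FROM comments WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return (string) $stmt->fetchColumn();
}

// 3. Output: encode for the HTML context at the moment of printing.
//    ENT_QUOTES also encodes single quotes, which matters inside attributes.
function render_comment(string $body): string
{
    return '<pre>' . htmlspecialchars($body, ENT_QUOTES, 'UTF-8') . '</pre>';
}

// Assumption: the pdo_sqlite extension is enabled; any PDO driver works the same way.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT)');

$id = save_comment($pdo, $input);
echo render_comment(load_comment($pdo, $id)), "\n";
```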