This is my function for sanitizing data before I insert it into my database. It handles single variables, single dimensional arrays, and multi-dimensional arrays(recursive). It sanitizes numeric data(detects if int or float), checks for html tags in the posted data and makes it safe for storage(I store html and code snippets in my db). It checks for magic quotes and determines if mysql_real_escape_string function exists and if it doesnt mysql_escape_string is used (for older versions of php).