Securing your mysql queries from $_POST or $_GET injections

Easiest way is to do this:

foreach ($_POST as $k=>$v) {
    $_POST[$k] = mysql_real_escape_string($v);
}