The ultimate clean/secure function

Question

I have a lot of user inputs from $_GET and $_POST... At the moment I always write mysql_real_escape_string($_GET[\'var\'])..

I

Answer 1

May I suggest to install "mod_security" if you're using apache and have full access to server?!
It did solve most of my problems. However don't rely in just one or two solutions, always write secure code ;)
UPDATE Found this PHP IDS (http://php-ids.org/); seems nice :)