This is the wrong way to go about cleaning input.
Applying blanket mysql escaping to absolutely everything in $_POST and $_GET is going to come back and bite you, if you still want to use the data after you've made a database query but you don't want the escape characters in there.
Use parameterised queries with mysqli or PDO and you will never need to use mysql_real_escape_string().
