Code
// check to see if a string needs to be escaped for database input
function escapeit ( $text ) {
if ( get_magic_quotes_gpc() ) {
$text = stripslashes($text);
}
if ( !is_numeric($text) ) {
$text = mysql_real_escape_string($text);
}
return $text;
}