I was just wondering if i was being a little over the top.
With all post variables, even the <select> posts i am using this, i have setup a function so i do not have to code this on ever post but you will get my gist!
$name = trim(strip_tags(htmlentities($_POST["name"])));
$name_secure = mysql_real_escape_string($name_secure);
The reason i ask is if this is to much for a common form then its un-needed code which doesn't need to be there.
Or do i need to do more on the front of other hacks within form submittion and url injection etc.