If you want to apply mysqli_real_escape_string() to an entire $_POST array here is how you can do it assuming $conn is your mysqli connection Also good to note that you should always use prepared statements and do not rely on this function alone for security. I personally use this function not as a security measure… Continue reading Escape $_POST with mysqli_real_escape_string