Hi - i'm pulling all input to drive my site from the php $_REQUEST variable and to protect my site from malicious input i want to find a neat way to loop through the $_REQUEST array and cleanse it probably by running a mysql function to remove injection code and also a php strip tags routine. How can i do this and repopulate each REQUEST parameter when i wont necessarily know what variables are set eg. sometimes it might be $_REQUEST['username'] sometimes other stuff but different depending on which command i am processing. Any ideas? Thanks.