<?
function save2($vars){
$vars = stripslashes($vars);
$vars = htmlspecialchars($vars);
return $vars;
}
?>

<?
$id = intval($_GET["id"]);
?>

<?
function clean_value($getandpost)
{
$getandpost = htmlspecialchars($getandpost);
$getandpost = str_replace("select","",$getandpost);
$getandpost = str_replace("update","",$getandpost);
$getandpost = str_replace("insert","",$getandpost);
$getandpost = str_replace("where","",$getandpost);
$getandpost = str_replace("like","",$getandpost);
$getandpost = str_replace("or","",$getandpost);
$getandpost = str_replace("and","",$getandpost);
$getandpost = str_replace("set","",$getandpost);
$getandpost = str_replace("into","",$getandpost);
$codenumber = str_replace("'", "", $codenumber);
$codenumber = str_replace(";", "", $codenumber);
$codenumber = str_replace(">", "", $codenumber);
$codenumber = str_replace("<", "", $codenumber);
$getandpost=strip_tags($getandpost);
return $getandpost;
}
?>

<?
clean_value($_POST[TEXT]);
?>

<?
clean_value($_GET[TEXT]);
?>