if (get_magic_quotes_gpc()) {$name = stripslashes($name);} else{$name= addslashes($name);} $name = mysql_real_escape_string($name); mysql_query("SELECT * FROM users WHERE name='$name'");