is this bad practice?

[Rifts]

mysql_query("INSERT INTO people (company, lname) VALUES ('clean($_POST[Company])', 'clean($_POST['lname'])' ");

 

using a clean function in the query instead of doing it before hand?

[the182guy]

Everyone has their own opinion on bad practice, IMO yes it is because it makes the code harder to read and debug. Also I think it's good practice to or your query in a variable rather than directly into the function like that. Doing that will make it quicker to debug if you  have a problem with the query you can quickly echo it out to debug.