Addslashes and Strip_tags not working

[lpxxfaintxx]

[code]
<?php
require_once "maincore.php";
require_once "subheader.php";
require_once "side_left.php";
opentable('Edit Images');
$saveid = $_GET['save'];
$newname = addslashes(strip_tags($_POST['imagename']));
$newstatus = addslashes(strip_tags($_POST['status']));
$newdescription = addslashes(strip_tags($_POST['imagedescription']));
$id = addslashes(strip_tags($_POST['editid2']));
$owner = $userdata['user_name'];
    switch ($saveid):
case 1:
$sql = "UPDATE registered_files SET status='$newstatus' WHERE id=$id AND owner = '$owner'";
      $result = mysql_query($sql);
      echo "<center>Thank you! Image status updated. <br /> Image id: $id
<br />Click <a href='memberseditimages.php'>here to go back.</a>
      </center>";
   break;
case 2:
$sql = "UPDATE registered_files SET imagename='$newname' WHERE id=$id AND owner = '$owner'";

      $result = mysql_query($sql);
      echo "<center>Thank you! Image name updated. <br /> Image id: $id
<br />Click <a href='memberseditimages.php'>here to go back.</a>
      </center>";
   break;
case 3:
$sql = "UPDATE registered_files SET description='$newdescription' WHERE id=$id AND owner = '$owner'";

      $result = mysql_query($sql);
      echo "<center>Thank you! Description updated. <br /> Image id: $id
<br />Click <a href='memberseditimages.php'>here to go back.</a>
      </center>";
   break;
default:
   echo "Please edit the information you wish to save.";
endswitch;
require_once "side_right.php";
require_once "footer.php";
?>[/code]

Whenever I edit a row and insert html, the html works.. isn't it supposed to prevent that from happening?

Regards,
AIMMultimedia.com

[sford999]

Try the htmlspecialchars function

[a href=\"http://us2.php.net/htmlspecialchars\" target=\"_blank\"]http://us2.php.net/htmlspecialchars[/a]