function safe($value) {
       if (get_magic_quotes_gpc());
       $value = stripslashes($value);
       if (!is_numeric($value))
       $value = " ' " . mysql_real_escape_string($value) . " ' ";
return $value;
}