function clean_injection($ck_ips)
{
$ck_ips = strip_tags($ck_ips);
$ck_ips = mysql_real_escape_string($ck_ips);
return $ck_ips;
}
$query = "UPDATE `$table_name` SET ck_rating_$direction = '$rating', ck_ips = '" .clean_injection($ck_ips). "' WHERE ck_comment_id = $k_id";