$secured = array();
$secured = sanitize($_POST);
extract( $secured );

foreach ( $secured as $key => $value ) {
    $_SESSION[$module][$key] = $value;
}

// Check required
$required = array(
    'firstname' => 'First name',
    'surname' => 'Last name',
    'zip' => 'ZIP',
    'email' => 'E-mail',
    'password' => 'Password',
    'password2' => 'Confirm password',
    'agree' => 'Agreement',
);

foreach ( $required as $key => $value ) {
    if ( empty(${$key}) ) {
        echo '<br class="clr"><p class="notice">Please enter: '.$value.'.</p>';
        return false;
    }
}

if ($password != $password2) {
    echo '<br class="clr"><p class="notice">Passwords missmatch.</p>';
    return false;
}

function sanitize( $input, $strip = 1, $charset = 'UTF-8' )
{
    if ( is_array($input) ) {
        $output = array();
        foreach ( $input as $key => $data ) {
            $output[$key] = sanitize($data, $strip, $charset);
        }
        return $output;
    }
    else {
        // Strip HTML tags if set
        if ($strip > 0)
            $input = strip_tags($input);

        // Encode special chars
        $input = htmlspecialchars($input, ENT_QUOTES, $charset);

        if ( get_magic_quotes_gpc() )
            return mysql_real_escape_string(stripslashes($input));
        else
            return mysql_real_escape_string($input);
    }
}