diff --git a/add.php b/add.php
index b8013b4..a124470 100644
--- a/add.php
+++ b/add.php
@@ -17,8 +17,8 @@ $mysqli->real_connect($config['db_host'],$config['db_user'],$config['db_password'],$config['db_name']);
 // Get all parameter provided by the javascript
-$name = $mysqli->real_escape_string(strip_tags($_POST['name']));
-$firstname = $mysqli->real_escape_string(strip_tags($_POST['firstname']));
+$name = strip_tags($_POST['name']);
+$firstname = strip_tags($_POST['firstname']);
 $tablename = $mysqli->real_escape_string(strip_tags($_POST['tablename']));
 $return=false;
diff --git a/update.php b/update.php
index 29c7e4a..60d46db 100644
--- a/update.php
+++ b/update.php
@@ -19,11 +19,11 @@
 // Get all parameters provided by the javascript
 $colname = $mysqli->real_escape_string(strip_tags($_POST['colname']));
-$id = $mysqli->real_escape_string(strip_tags($_POST['id']));
+$id = strip_tags($_POST['id']);
 $coltype = $mysqli->real_escape_string(strip_tags($_POST['coltype']));
-$value = $mysqli->real_escape_string(strip_tags($_POST['newvalue']));
+$value = strip_tags($_POST['newvalue']);
 $tablename = $mysqli->real_escape_string(strip_tags($_POST['tablename']));
-
+
 // Here, this is a little tips to manage date format before update the table
 if ($coltype == 'date') {
 if ($value === "")
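Review bot: `$name` and `$firstname` now leave this block with only `strip_tags()` applied, so nothing in these lines makes them safe to place in SQL text; `strip_tags()` removes markup and is not an SQL defence. That is correct only if the statement further down binds them as parameters (`prepare()` with `?` placeholders and `bind_param()`), which this hunk does not show, since the script continues past `$return=false;`. The same applies to `$id` and `$value` in the update.php hunk. I would record the contract next to the assignments, e.g. `// Not SQL-escaped on purpose: these values may only reach the database through bound parameters.`, so a later edit does not concatenate them into a query string.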
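Review bot: `$colname` and `$tablename` still depend on `real_escape_string()`, which only escapes characters that matter inside a quoted string literal; if the statement outside this hunk uses them as column or table names, that call does not constrain them, and identifiers cannot be bound as parameters. Checking each against a fixed list before the statement is built would close this, for example `if (!in_array($colname, $allowedColumns, true)) { http_response_code(400); exit; }`, where `$allowedColumns` is a name made up for this note and stands for the columns the grid is meant to edit. `$tablename` in the add.php hunk has the same shape. `$coltype` is only compared with `'date'` in the visible lines, so the escaping on it looks unnecessary rather than harmful.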