From a security standpoint, there is no need to use your sanitize function as long as you escape / process your data correctly for the medium you are outputting to:
- Using
htmlspecialchars()
is all that is needed for output to html; - Use
json_encode
if you need to output to javascript; - Use prepared statements with bound variables for your database;
- etc.