Over the past couple of days, I've been adding security features to the forms on a site I'm building. Below is the validation process for $username. Does it look complete? Are there any holes? Should I add anything else?

PHP Code:
//make_safe function defined to prevent SQL injection
function make_safe($variable) {
$variable addslashes(trim(mysql_escape_string($variable)));

//make_safe function applied to $username
$username =  make_safe($_POST['username']);

//runs checks to ensure form is filled with only letters and numbers
if((!$username) || (!eregi("^[a-z0-9]+$"$username)) {

"Username is a required field <br>";

"Only letters and numbers are allowed in the username field<br>";

    } else { 

//validation complete
Feedback of any kind would be very much appreciated. Thanks.