Over the past couple of days, I've been adding security features to the forms on a site I'm building. Below is the validation process for $username. Does it look complete? Are there any holes? Should I add anything else?

PHP Code:
//make_safe function defined to prevent SQL injection
    
function make_safe($variable) {
     
$variable addslashes(trim(mysql_escape_string($variable)));
      return 
$variable;
    }

//make_safe function applied to $username
    
$username =  make_safe($_POST['username']);

//runs checks to ensure form is filled with only letters and numbers
    
if((!$username) || (!eregi("^[a-z0-9]+$"$username)) {

        if(!
$username){
               echo 
"Username is a required field <br>";
        }

        if(!
eregi("^[a-z0-9]+$"$username)){
        echo 
"Only letters and numbers are allowed in the username field<br>";
        }

    } else { 

//validation complete
    
LOGIN CODE 
Feedback of any kind would be very much appreciated. Thanks.