I have a small function that I have been using for many years to clean up user-entered text on website forms; it prepares the input for use in MySQL queries and also removes all the input from spambots. I want to continue to use it in the WordPress ver 4.5.2 theme I’m setting up for a N-F-P client, or use the preferred WordPress v4.5.2 method(s) for all this.
The code I use is:

// Rejects any value containing a mail-header keyword, flattens line breaks,
// strips HTML, then escapes for MySQL. Note: mysql_real_escape_string()
// needs an open mysql_* connection, which WordPress does not provide.
function cleaner($var) {
    // Header names used in mail-header injection attempts.
    $bad_mailer = array('to:', 'cc:', 'bcc:', 'content-type:', 'mime-version:',
        'multipart-mixed:', 'content-transfer-encoding:');
    foreach ($bad_mailer as $v) {
        // Mail headers are case-insensitive, so match case-insensitively.
        if (stripos($var, $v) !== false)
            return '';
    }
    // Remove raw and URL-encoded CR/LF so nothing can start a new mail header.
    $var = str_replace(array("\r", "\n", "%0a", "%0d"), ' ', $var);
    $var = strip_tags($var);
    return mysql_real_escape_string(trim($var));
}
// Applies cleaner() to every top-level $_POST value (nested arrays are not handled).
$scrubbed = array_map('cleaner', $_POST);

and then all input fields are called as: $scrubbed['text'];

I should now probably convert the mysql_real_escape_string to its MySQLi equivalent for WordPress but at the moment I can’t find the WordPress connect link to add to it. What can I do to this code to make it WordPress v4.5.2 compliant?

1 Answer

If you mean to attach it to any and all $_POST inputs in WordPress, that probably falls under Bad Ideas. WordPress has some kinks in how it works with that data (for example it emulates “magic quotes” mode, long deprecated in PHP itself) and some cases of POST in WP are extremely heavy (saving menus in admin for example).

You can (and should) sanitize data in WP context, but it should be handled case-by-case, for specific tasks and logic.

If you want to review which options the WP API has for data sanitization, there is a good overview in the Data Validation article in the Codex.
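As an added illustration of the case-by-case approach the answer recommends (this is example code, not from the original post or from WordPress itself): a handler for one hypothetical contact form that uses the WordPress API for the three jobs the asker's cleaner() did at once. It assumes it runs inside WordPress 4.5-era code (for example from the theme's functions.php); the action name `contact_form`, the field names and the `contact_messages` table are assumptions made up for the example.

```php
<?php
// Added example, not the original post's code: one form, sanitized per field.
// Assumes WordPress is loaded. Form fields, nonce name, action and table are invented.

add_action( 'admin_post_nopriv_contact_form', 'example_handle_contact_form' );
add_action( 'admin_post_contact_form', 'example_handle_contact_form' );

function example_handle_contact_form() {
    // CSRF check: the form must include wp_nonce_field( 'contact_form', 'contact_nonce' ).
    if ( ! isset( $_POST['contact_nonce'] )
         || ! wp_verify_nonce( $_POST['contact_nonce'], 'contact_form' ) ) {
        wp_die( 'Invalid request.', 'Error', array( 'response' => 403 ) );
    }

    // WordPress adds slashes to $_POST (emulated magic quotes), so remove them
    // before sanitizing; otherwise O'Brien arrives as O\'Brien.
    $raw = wp_unslash( $_POST );

    // Sanitize each field for what it is, not with one generic scrubber.
    // sanitize_text_field() strips tags, NUL bytes, line breaks and stray whitespace,
    // which also removes the CR/LF a mail-header injection needs.
    $name  = isset( $raw['name'] )  ? sanitize_text_field( $raw['name'] ) : '';
    $email = isset( $raw['email'] ) ? sanitize_email( $raw['email'] )     : '';
    // Keep the message's newlines but strip every HTML tag.
    $message = isset( $raw['message'] ) ? wp_kses( $raw['message'], array() ) : '';

    if ( '' === $name || ! is_email( $email ) || '' === $message ) {
        wp_die( 'Please fill in all fields.', 'Error', array( 'response' => 400 ) );
    }

    // Database: $wpdb->insert() escapes values itself, replacing
    // mysql_real_escape_string(); the format array forces string binding.
    global $wpdb;
    $table = $wpdb->prefix . 'contact_messages'; // assumed table
    $wpdb->insert(
        $table,
        array( 'name' => $name, 'email' => $email, 'message' => $message ),
        array( '%s', '%s', '%s' )
    );

    // Any later query built from user data goes through $wpdb->prepare().
    $count = (int) $wpdb->get_var(
        $wpdb->prepare( "SELECT COUNT(*) FROM {$table} WHERE email = %s", $email )
    );

    // Mail: name and email are single-line after sanitizing, so the header
    // cannot be extended with extra To:/Bcc: lines.
    wp_mail(
        get_option( 'admin_email' ),
        'Contact form from ' . $name,
        $message . "\n\nMessages from this address so far: " . $count,
        array( 'Reply-To: ' . $email )
    );

    wp_safe_redirect( add_query_arg( 'sent', '1', wp_get_referer() ) );
    exit;
}
```

The form posts to `admin-post.php` with a hidden `action=contact_form` field plus the nonce field; everything else that the original cleaner() did by string matching is covered here by the field-specific WordPress functions, with escaping delegated to `$wpdb` at query time rather than done up front on the whole array.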
