php – Is this code secure

I understand that using prepared statements is the most secure way of interacting with a database.

However I seen the below code online and wondered if the logic was well thought out from a security perspective given that is wasn’t using prepared statements.

 if( isset( $_POST('submit_form') ) ) {
    validate_data($data) {
     $data = trim($data);
     $data = stripslashes($data);
     $data = strip_tags($data);
     $data = htmlspecialchars($data);
     $data = mysqli_real_escape_string($data);
     return $data;    

    $name = validate_data( $_POST('username') );
    $emailid = validate_data( $_POST('useremail') );
    $password = validate_data( $_POST('user_password') );
    $insertdata=" INSERT INTO user_data VALUES( '$name','$emailid','$password' ) ";