php – Is this code secure

I understand that using prepared statements is the most secure way of interacting with a database.

However I seen the below code online and wondered if the logic was well thought out from a security perspective given that is wasn’t using prepared statements.

 if( isset( $_POST('submit_form') ) ) {
         
    validate_data($data) {
          
     $data = trim($data);
     $data = stripslashes($data);
     $data = strip_tags($data);
     $data = htmlspecialchars($data);
     $data = mysqli_real_escape_string($data);
    
     return $data;    
    }
        

    $name = validate_data( $_POST('username') );
    $emailid = validate_data( $_POST('useremail') );
    $password = validate_data( $_POST('user_password') );
        
    
        
    $insertdata=" INSERT INTO user_data VALUES( '$name','$emailid','$password' ) ";
    mysqli_query($insertdata);
        
}