How can i make this code 100% sql injection prove?

[code=php]
require 'database.php';
require 'functions.php' ;


if(isset($_POST['submit'])) {

$firstname = addslashes(ucwo rds(strtolower( $_POST['firstname'])));
$lastname = addslashes(ucwo rds(strtolower( $_POST['lastname'])));
$emailaddress = addslashes($_PO ST['emailaddress']);
$sex = addslashes($_PO ST['sex']);
$dateofbirth = addslashes($_PO ST['dateofbirth']);
$phonenumber = addslashes($_PO ST['phonenumber']);
$religion = addslashes($_PO ST['religion']);
$country = addslashes($_PO ST['country']);
$city = addslashes($_PO ST['city']);
$town = addslashes($_PO ST['town']);
$relationship = addslashes($_PO ST['relationship']);
$occupation = addslashes($_PO ST['occupation']);
$password = addslashes($_PO ST['password']);
$confirmpasswor d = addslashes($_PO ST['confirmpasswor d']);


$error = array();
// Validates the form input

if(strlen($_POS T['firstname']) < 1)
$error['firstname'] = '<p class="alert">P lease enter a first name.</p>';

if(strlen($_POS T['lastname']) < 1)
$error['lastname'] = '<p class="alert">P lease enter a last name.</p>';

if(strlen($_POS T['emailaddress']) == '' || !preg_match('/^[A-Za-z0-9](([_\.\-]?[a-zA-Z0-9]+)*)@([A-Za-z0-9]+)(([\.\-]?[a-zA-Z0-9]+)*)\.([A-Za-z]{2,})$/',$emailaddress ))
$error['emailaddress'] = '<p class="alert">P lease enter a valid email address.</p>';

if(mysql_num_ro ws($emailaddres s) > 0){
$error['emailaddress'] = '<p class="alert">T his email address already exists, if you have forgot your password <a href="change_Pa ssword"><b><u>c lick here.</u></b></p>';

if($password !== $confirmpasswor d)
$error['$confirmpasswo rd'] = '<p class="alert">P lease re-type your passwords as they do not match</p>';

if($confirmpass word !== $password)
$error['$confirmpasswo rd'] = '<p class="alert">P lease re-type your passwords as they do not match</p>';

if(strlen($_POS T['sex']) < 2)
$error['sex'] = '<p class="alert">P lease enter a sex.</p>';

if(strlen($_POS T['dateofbirth']) < 2)
$error['dateofbirth'] = '<p class="alert">P lease enter your date of birth.</p>';

if(strlen($_POS T['phonenumber']) < 10)
$error['phonenumber'] = '<p class="alert">P lease enter your phone number.</p>';

if(strlen($_POS T['religion']) < 2)
$error['religion'] = '<p class="alert">P lease enter a religion.</p>';

if(strlen($_POS T['country']) < 2)
$error['country'] = '<p class="alert">P lease enter a country.</p>';

if(strlen($_POS T['city']) < 2)
$error['city'] = '<p class="alert">P lease enter a city.</p>';

if(strlen($_POS T['town']) < 2)
$error['town'] = '<p class="alert">P lease enter a town.</p>';

if(strlen($_POS T['relationship']) < 2)
$error['relationship'] = '<p class="alert">P lease enter your relationship status.</p>';

if(strlen($_POS T['occupation']) < 2)
$error['occupation'] = '<p class="alert">P lease enter your occupation or type unemployed.</p>';


if(!$error) {

$q = "INSERT into dogs (firstname, lastname, emailaddress, sex, dateofbirth, phonenumber, religion, country, city, town, relationship, occupation, password)
VALUES('$firstn ame', '$lastname', '$emailaddress' , '$sex', '$dateofbirth', '$phonenumber', '$religion', '$country', '$city', '$town', '$relationship' , '$occupation', '$password')";
$result = $mysqli->query($q) or die(mysqli_erro r($mysqli));

if($result) {
header("locatio n: signupcomplete. php");
}


}
}
[/code]