如何使用mysql的真正转义字符串?

The code here is still incomplete because I'm still going to ask you guys on what the proper format/syntax of using mysql escape string. Im still a beginner in php and I want to learn how to avoid sql injections. Is the code below correct? The code here is still incomplete because I'm s