mysql_real_escape_string() was removed in PHP 7.0.
get_magic_quotes_gpc() was removed in PHP 8.0.
https://www.php.net/mysql_real_escape_string
https://www.php.net/get_magic_quotes_gpc
The current minimum PHP version that is supported for security fixes by the PHP community is 8.1: https://www.php.net/supported-versions.php
If you're still seeing this in 2025 (going on 2026), there are other systemic problems at play besides the PHP code.
https://www.php.net/manual/en/function.mysql-escape-string.p...
https://stackoverflow.com/questions/3665572/mysql-escape-str...
One hardly even tries to do the thing it says on the tin, the other one at least tries to be the real thing. None of them worked very well, however.