I found the answer myself (to a certain degree):
There is no need to use mysql_real_escape as long as you use parameter binding.
Use the question mark slots or the named slots as shown in the examples.
Please don't use your own homebrewn escaping functions.
Source
Under the 'Converting Records to Beans' section.