The reason title
is empty is because mysql_real_escape_string is returning FALSE
.
This happened because it requires a MySQL connection to the database, you have MySQLi. From the docs,
A MySQL connection is required before using mysql_real_escape_string() otherwise an error of level E_WARNING is generated, and FALSE is returned
The way to fix the issue is to use mysqli_real_escape_string to match your database connection, as suggested in the other answers. Obviously for security, you're better off using prepared statements.
Also, the database link needs to be supplied. Since you're using the OO style, this is done as
$db = new mysqli()
$title = $db->real_escape_string($title)