You are using the mysqli extension to create the database connection.
Then you are using an entirely different extension named "mysql" (note the missing "i" at the end) to escape.
Escaping needs an existing mysql connection. If non exists, it will be created implicitly with default values. Doing this fails.
But it does not point you into the correct direction: You have to use the escaping functions from the extension you create the connection with. Which is mysqli_real_escape_string
(note the added "i" after "mysql").
General disclaimers:
When using MySQLI, use prepared statements to get rid of escaping strings.
Don't use fast hash functions to hash passwords. Include this library that implements the PHP5.5 functions for password hashing: https://github.com/ircmaxell/password_compat