hi, seems mysql_escape_string was deprecated (http://php.net/manual/en/function.mysql-escape-string.php)

is there any alternative method?
hope php developers can share with me.

tq

For MySQLi you could use

mysqli_real_escape_string($string); // For procedural style

It's already mentioned in the link you have provided

Warning
This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should be used. See also MySQL: choosing an API guide and related FAQ for more information. Alternatives to this function include:

mysqli_escape_string()
PDO::quote()

Also,
From http://www.php.net/manual/en/function.mysqli-escape-string.php

mysqli_escape_string — Alias of mysqli_real_escape_string()

So both are same.