According to the php doc mysql_real_escape_string should be used instead.

lib/ezdb/classes/ezmysqldb.php:816: return mysql_escape_string( $str );
lib/ezdbschema/classes/ezmysqlschema.php:682: if ( function_exists( 'mysql_escape_string' ) )
lib/ezdbschema/classes/ezmysqlschema.php:683: return mysql_escape_string( $value );

The cluster code is already using the new function.