> Escaping is not sufficient to prevent SQL Injection Attacks.

Do you have an example or idea of how a SQL injection could occur despite using http://php.net/manual/en/function.mysql-real-escape-string.p... ?