If you want to have a more secure database, simply escaping a string is not enough. This will definitely help in regards to SQL injection attacks, but there are a host of other methods to compromise a database.

Some pointers:

1. Practice “least privilege” in that the users and accounts that are GRANTed access to your database should have the minimum privileges to complete their tasks and nothing else.
2. Make sure your passwords are difficult to guess (composed of letters both lower and upper, numbers, symbols, etc.) and changed regularly.
3. Don’t save credit card numbers unless absolutely necessary (assuming you’re running a commercial site).
4. Hash and possibly salt your passwords before storing them in your database if you’ll have user accounts
5. Check and double-check port numbers (3306 for MySQL) and permissions on files and directories, especially if users are uploading files

These are generally good practice and you should be aware of issues for databases outside the scope of just SQL injection attacks.