Tags: php, sql-injection, mysql-real-escape-string

PHP: protect query from MySQL injection


How can I add mysql_real_escape_string() to this:

$result = mysql_send("INSERT customers SET user='$username', pword='$pass1', 
                      firstname='$firstname', lastname='$lastname', email='$email', 
                      active='No', activecode='$activecode', dateofbirth='$dateofbirth', 
                      gender='$gender', title='$title', occupation='$occupation', 
                      address='$address', city='$city', country='$country', zip='$zip',
                      mobile='$mobile', telephone='$telephone', fax='$fax', 
                      website='$website'
                     ");

Solution

  // Every interpolated value is passed through mysql_real_escape_string(), which
  // escapes it using the character set of the currently open mysql_connect() link
  // (it raises a warning and returns false if no link is open). The fixed literal
  // 'No' for active is not user input and needs no escaping.
  $result = mysql_send("INSERT customers
                        SET user='" . mysql_real_escape_string($username) . "',
                            pword='" . mysql_real_escape_string($pass1) . "',
                            firstname='" . mysql_real_escape_string($firstname) . "',
                            lastname='" . mysql_real_escape_string($lastname) . "',
                            email='" . mysql_real_escape_string($email) . "',
                            active='No',
                            activecode='" . mysql_real_escape_string($activecode) . "',
                            dateofbirth='" . mysql_real_escape_string($dateofbirth) . "',
                            gender='" . mysql_real_escape_string($gender) . "',
                            title='" . mysql_real_escape_string($title) . "',
                            occupation='" . mysql_real_escape_string($occupation) . "',
                            address='" . mysql_real_escape_string($address) . "',
                            city='" . mysql_real_escape_string($city) . "',
                            country='" . mysql_real_escape_string($country) . "',
                            zip='" . mysql_real_escape_string($zip) . "',
                            mobile='" . mysql_real_escape_string($mobile) . "',
                            telephone='" . mysql_real_escape_string($telephone) . "',
                            fax='" . mysql_real_escape_string($fax) . "',
                            website='" . mysql_real_escape_string($website) . "'
                       ");
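The escaping above works only while every value sits inside single quotes in the query text and the escape function is called on an open connection with the right character set. The approach that removes those conditions is a prepared statement, where values are sent to the driver as parameters rather than spliced into the SQL. The following is an added example, not code from the question or the answer: the same INSERT written with PDO placeholders. To run offline it uses an in-memory SQLite database and an assumed, reduced `customers` table; with the MySQL driver only the DSN changes. Because `INSERT ... SET` is MySQL-specific, the statement uses the portable `INSERT INTO (...) VALUES (...)` form. The `connect`, `insertCustomer` and `demo` function names, the constructed inputs and the password hashing are all this example's own choices.

```php
<?php
// Added example (not from the original question or answer): the customer INSERT
// as a PDO prepared statement. Values are bound as parameters, so there is no
// escaping step and no dependency on the connection charset.
declare(strict_types=1);

// Columns a caller may supply. Column names never come from request data; they
// come from this fixed list, which is what keeps the generated SQL text constant.
const CUSTOMER_COLUMNS = [
    'user', 'pword', 'firstname', 'lastname', 'email', 'activecode',
    'dateofbirth', 'gender', 'title', 'occupation', 'address', 'city',
    'country', 'zip', 'mobile', 'telephone', 'fax', 'website',
];

function connect(): PDO
{
    // Assumption: SQLite in memory so the script runs offline.
    // Production would use e.g. 'mysql:host=...;dbname=...;charset=utf8mb4'.
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Assumed schema, reduced to the columns the original query writes.
    $pdo->exec('CREATE TABLE customers ('
        . implode(' TEXT, ', CUSTOMER_COLUMNS) . ' TEXT, active TEXT)');
    return $pdo;
}

// Insert one customer row. $fields is keyed by column name; keys not in
// CUSTOMER_COLUMNS are ignored, missing ones default to ''.
function insertCustomer(PDO $pdo, array $fields): void
{
    $placeholders = array_map(fn(string $c): string => ':' . $c, CUSTOMER_COLUMNS);
    // active is a fixed literal, exactly as in the original query.
    $sql = 'INSERT INTO customers (' . implode(', ', CUSTOMER_COLUMNS) . ', active) VALUES ('
         . implode(', ', $placeholders) . ", 'No')";
    $stmt = $pdo->prepare($sql);
    foreach (CUSTOMER_COLUMNS as $col) {
        $value = (string) ($fields[$col] ?? '');
        if ($col === 'pword') {
            // The original stored the password verbatim; store a hash instead.
            $value = password_hash($value, PASSWORD_DEFAULT);
        }
        $stmt->bindValue(':' . $col, $value, PDO::PARAM_STR);
    }
    $stmt->execute();
}

// Constructed inputs: a quote-breaking payload in the username that, if it were
// interpolated into the query text, would end the string and flip active to
// 'Yes', plus an apostrophe in the e-mail address that would break naive quoting.
function demo(): array
{
    $payload = "bob', active='Yes', user='bob";
    $pdo = connect();
    insertCustomer($pdo, [
        'user'  => $payload,
        'pword' => 'hunter2',
        'email' => "o'reilly@example.com",
    ]);
    $row = $pdo->query('SELECT user, active, email, pword FROM customers')
               ->fetch(PDO::FETCH_ASSOC);
    return [
        'user_stored_verbatim' => $row['user'] === $payload,
        'active'               => $row['active'],
        'email'                => $row['email'],
        'password_verifies'    => password_verify('hunter2', $row['pword']),
    ];
}

print_r(demo());
```

With a bound parameter the payload is stored as an ordinary string and `active` remains the literal written into the SQL, so the injection has nowhere to take effect. Two caveats that escaping alone does not cover: `mysql_real_escape_string()` does nothing for values used without quotes (`WHERE id=$id`), and it must be called on a link whose character set matches what the server expects; parameter binding avoids both problems. Note also that the `mysql_*` extension was removed in PHP 7, so new code should use PDO or mysqli in any case.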