okay, but you cant compare a scanner with a human mind. in my experience(which is like 10 years, rip real ife), i would never ever combine mysql_real_escape_string with htmlspecialchars, as it can yield unexpected results. they're essentially very similar functions, so you're creating overhead too, but thats not so important on small scale site like this.
and btw print_screen is not a function in php, so im not sure what u meant there