What are the potential risks of using addslashes() instead of mysql_real_escape_string() for SQL query security?

Using addslashes() instead of mysql_real_escape_string() exposes queries to SQL injection attacks. addslashes() escapes byte by byte with no knowledge of the database connection, whereas mysql_real_escape_string() escapes according to the character set of the current connection. Use mysql_real_escape_string() to escape special characters in values placed in SQL queries, so that malicious code cannot be injected into the database.

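// Escape user input with mysql_real_escape_string() before it goes into a query.
// A MySQL connection must already be open: escaping follows that connection's character set.
$unsafe_input = $_POST['input'];
$safe_input = mysql_real_escape_string($unsafe_input);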

// Using the safe input in the SQL query
$query = "SELECT * FROM users WHERE username='$safe_input'";
$result = mysql_query($query);
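
The following added example (not code from the original page) shows why charset-unaware escaping is the risk: the same addslashes() output is safe under a single-byte connection charset but leaves a quote unescaped under GBK. The helper unescaped_quotes() and the two-byte input are constructed for illustration, and the code assumes the mbstring extension is loaded.

```php
<?php
// Added example, not from the original page.

/**
 * Count single quotes that are NOT preceded by an escaping backslash,
 * after interpreting $bytes in the given connection charset.
 * $charset is an mbstring encoding name (assumption: ext-mbstring is loaded).
 */
function unescaped_quotes(string $bytes, string $charset): int
{
    // Decode the bytes the way a server using that connection charset would.
    $text  = mb_convert_encoding($bytes, 'UTF-8', $charset);
    $chars = preg_split('//u', $text, -1, PREG_SPLIT_NO_EMPTY);

    $count   = 0;
    $escaped = false;              // true when the previous char was an active backslash
    foreach ($chars as $ch) {
        if ($escaped) {
            $escaped = false;      // this character is escaped, whatever it is
        } elseif ($ch === '\\') {
            $escaped = true;
        } elseif ($ch === "'") {
            $count++;
        }
    }
    return $count;
}

// Constructed input: byte 0xBF (a valid GBK lead byte) followed by a single quote.
$input   = "\xBF\x27";
$escaped = addslashes($input);     // byte-wise escaping inserts 0x5C before 0x27

printf("bytes after addslashes(): %s\n", strtoupper(bin2hex($escaped)));

// Single-byte charset: 0x5C is read as a backslash and still escapes the quote.
printf("ISO-8859-1: %d unescaped quote(s)\n", unescaped_quotes($escaped, 'ISO-8859-1'));

// GBK (CP936 in mbstring): 0xBF 0x5C is read as one character, exposing the quote.
printf("CP936/GBK : %d unescaped quote(s)\n", unescaped_quotes($escaped, 'CP936'));
```

mysql_real_escape_string() only knows the connection charset if it was set on the server or with mysql_set_charset(), so set it before escaping. The mysql_* extension was removed in PHP 7.0; prepared statements in mysqli or PDO avoid manual escaping altogether.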