What characters have to be escaped to prevent (My)SQL injections?

Question

I\'m using MySQL API\'s function

mysql_real_escape_string()

Based on the documentation, it escapes the following characters:

Answer 1

Where user input contains tabulators or backspace characters?

It's quite remarkable a fact that up to this day most users do believe that it's user input have to be escaped, and such escaping "prevents injections".