That looks like he's written a custom function to escape. As long as that escape_all function is calling mysql_real_escape string, it will technically work, although I wouldn't say it's the preferred solution for a few reasons.
Firstly, you'll want to be careful that you aren't escaping anywhere else, as it can easily lead to double escaping, which can cause other problems.
Also, you can end up escaping a whole lot of data that doesn't need to be escaped depending on the situation, if performance is a concern.
And yes, using mysqli instead of mysql is generally preferable.