Koobi, if you want to use mysql_real_escape_characters() look at
Example 3 in the php documentation.
Here is the reason why ' is converted to \\\' in your code where the case is true:
If magic quotes are off slashes are added but then they are again added with the mysql_real_escape_string(); function. If magic quotes are not off (i.e., on) then nothing happens to the string because it has already been changed to \'. Again the query goes through again and then executes mysql_real_escape_string(); and adds slashes again to both of those becoming \\\'. The only reason it works for numbers is that numbers dont have quotes or special characters and the string is not changed at all.
In the case when the code is false, you want to get ' from \\\':
The problem here is that if magic quotes are on the string that was converted to \' is stripped back to '. If they are on then it stays like '.
' != \\\' and therefore it does not work!