You should always encrypt the user’s passwords.
Validate the user inputs, if its a username at all.
To prevent username duplications add a unique key to the database, and handle mysql_errno() value 1062.
Use PDO if you know the basic methods only.
Never use addslashes() AND mysql_real_escape_string() on one input!
The best possible practice is PDO. Data doesn’t need to be escaped, it supports (and promotes) prepared statements and it also makes queries look cleaner.
If you don’t know much (or anything about PDO) - this is your opportunity to learn something new