How to protect mysql from hackers?


Yahook
05-04-2005, 08:03 PM
Which function should I use for data before I add it to mysql database to protect it from hackers?

xariton
05-04-2005, 09:53 PM
mysql_escape_string should help.
This function will escape the unescaped_string, so that it is safe to place it in a mysql_query().

AoshiShinomori
08-22-2007, 09:38 AM
A good password like: HiO0O3DnZN5ns23kJahs. That would do it.

lolCoin
09-08-2008, 10:07 AM
Can somebody make it work??

Corex
09-08-2008, 01:30 PM
mysql_real_escape_string() is better than mysql_escape_string(). Also, you can use htmlspecialchars() with the ENT_QUOTES option.
Good practice is to create one function or class for working with the database. Inside this function/class you can build some security handler, and all DB requests should be called through this function/class.

poornpig
09-08-2008, 01:41 PM
If the lang you use does not offer escaping functions you can take a look at <buzzword>prepared statements</buzzword>, if this is offered.

Oh, and you should subscribe to security mailing lists to get information about bugs fast.
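
An added example, not part of any post in this thread: the single database class Corex suggests, built on the prepared statements poornpig mentions, with htmlspecialchars() applied when a value is written into HTML. Assumptions: PDO with an in-memory SQLite database stands in for MySQL so the script runs offline, and the `Db` class, the `users` table and the input string are hypothetical.

```php
<?php
// Added example: one class that every query goes through, prepared statements only.
// Assumption: SQLite in memory stands in for MySQL; with the MySQL driver the DSN
// changes and PDO::ATTR_EMULATE_PREPARES => false makes the server do the preparing.

final class Db
{
    private PDO $pdo;

    public function __construct(string $dsn, ?string $user = null, ?string $pass = null)
    {
        $this->pdo = new PDO($dsn, $user, $pass, [
            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, // fail loudly on bad SQL
        ]);
    }

    /** SQL text with ? placeholders, values passed separately and never concatenated. */
    public function run(string $sql, array $params = []): PDOStatement
    {
        $stmt = $this->pdo->prepare($sql);
        $stmt->execute($params);
        return $stmt;
    }
}

$db = new Db('sqlite::memory:');
$db->run('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, is_admin INTEGER)');
$db->run('INSERT INTO users (name, is_admin) VALUES (?, ?)', ['alice', 1]);
$db->run('INSERT INTO users (name, is_admin) VALUES (?, ?)', ['bob', 0]);

// Constructed input that would rewrite the WHERE clause if pasted into the SQL text.
$input = "nobody' OR '1'='1";

// Bound as a value, it is compared literally with the name column: no row matches.
$rows = $db->run('SELECT name FROM users WHERE name = ?', [$input])
           ->fetchAll(PDO::FETCH_ASSOC);
echo count($rows), " row(s) matched\n";

// The same string can be stored unchanged; no escaping step precedes the INSERT.
$db->run('INSERT INTO users (name, is_admin) VALUES (?, 0)', [$input]);
$stored = $db->run('SELECT name FROM users WHERE id = ?', [3])->fetchColumn();

// Encoding for HTML happens at output time, on the way into the page.
echo htmlspecialchars($stored, ENT_QUOTES, 'UTF-8'), "\n";
```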