Thanks for the response. I did some reading on prepared statements and came up with the following code. Is there anything else you would add to prevent sql injection?
// database connection
$conn = new PDO("mysql:host=$dbhost;dbname=$dbname",$dbuser,$dbpass);
// new data
$fname = $easyForm->field['fname']['value'];
$lname = $easyForm->field['lname']['value'];
$title = $easyForm->field['title']['value'];
$agency = $easyForm->field['agency']['value'];
$telephone = $easyForm->field['telephone']['value'];
$interest = $easyForm->field['interest']['value'];
$email = $easyForm->field['email']['value'];
// query
$sql = "INSERT INTO registration (registration_date, fname, lname, title, agency, telephone, interest, email)
VALUES (NOW(),:fname,:lname,:title,:agency,:telephone,:interest,:email)";
$q = $conn->prepare($sql);
$q->execute(array(
':fname'=>$fname,
':lname'=>$lname,
':title'=>$title,
':agency'=>$agency,
':telephone'=>$telephone,
':interest'=>$interest,
':email'=>$email
));