problems with sprintf and escaping %
on 11.04.2008 03:50:50 by nn

I have the following query:
$query = "SELECT * FROM cds WHERE $campo LIKE ('%$busqueda%') ORDER BY $ordenada";
which I'm trying to change to sprintf so I can use mysql_real_escape_string, since I've heard that it's a better and more secure way to do queries, like so:
$query = sprintf("SELECT * FROM cds WHERE '%s' LIKE '%s' ORDER BY '%s'",
mysql_real_escape_string($campo),
mysql_real_escape_string($busqueda),
mysql_real_escape_string($ordenada)
);
The problem is that I lack the % before and after the $busqueda.
I read that I should escape the % twice (like so?):
$query = sprintf("SELECT * FROM cds WHERE '%s' LIKE '%%%s%%' ORDER BY '%s'",
etc...
But obviously I'm doing something wrong, since I get 0 results.
How do I express the query above with sprintf, and how do I escape the % correctly?
Thank you very much,
NN
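An added example, not part of the original post, showing one way to build this query with sprintf: %% stands for a literal percent sign in the format string, the column and sort names are whitelisted rather than escaped (escaping only protects string literals, and quoting a column name as '%s' compares a constant string with the pattern, which is why such a query matches no rows), and the search term's own LIKE wildcards are escaped. It assumes an open mysql_* connection and that $_GET carries the three values; pick_column, escape_like and the column list are hypothetical names chosen here. The mysql extension was removed in PHP 7.0; mysqli_real_escape_string($link, $s) is the drop-in replacement.

```php
<?php
// Added example (not the original poster's code). Assumes a connection
// already opened with mysql_connect(); mysql_real_escape_string is the
// function the post uses (removed in PHP 7.0, use mysqli_real_escape_string
// with a $link argument on current PHP).

// Identifiers (column names) cannot be protected by an escaping function:
// writing '%s' around them turns the column into a string literal, so
// "WHERE 'title' LIKE '%foo%'" compares two constants and returns 0 rows.
// Accept only names from a fixed list instead (hypothetical column names).
$allowed_columns = array('title', 'artist', 'year');

function pick_column($name, array $allowed, $default) {
    // strict comparison so "0" or similar loose matches do not slip through
    return in_array($name, $allowed, true) ? $name : $default;
}

// Inside a LIKE pattern, % and _ are wildcards. Escape them (and the
// backslash itself) in the user's term so that a search for "100%" looks
// for the literal text instead of matching every row.
function escape_like($s) {
    return addcslashes($s, '%_\\');
}

$campo    = pick_column(isset($_GET['campo'])    ? $_GET['campo']    : '', $allowed_columns, 'title');
$ordenada = pick_column(isset($_GET['ordenada']) ? $_GET['ordenada'] : '', $allowed_columns, 'title');

// Order matters: first escape the LIKE wildcards, then escape the value
// for the string literal, so the backslashes added by escape_like survive
// the SQL parser and reach the LIKE matcher.
$busqueda = mysql_real_escape_string(escape_like(isset($_GET['busqueda']) ? $_GET['busqueda'] : ''));

// In a sprintf format string a literal % is written %%, so the pattern
// '%term%' is spelled '%%%s%%': %% then %s then %%.
// Column names go in backticks, not quotes, because they are identifiers.
$query = sprintf("SELECT * FROM cds WHERE `%s` LIKE '%%%s%%' ORDER BY `%s`",
                 $campo, $busqueda, $ordenada);

// e.g. with campo=title, busqueda=abba, ordenada=year this yields:
// SELECT * FROM cds WHERE `title` LIKE '%abba%' ORDER BY `year`
$result = mysql_query($query);
```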