My question is: How do you allow single quotes in strings?
For example, I have a form, and a text box. It is set up to allow the user to enter their name. From there, it posts and feeds the data into a database.
I need to be able to allow single quotes (apostrophe) as some people's names have an apostrophe in their names, such as "O'Reilly".
Any suggestions?
Single quotes are not forbidden in any way. I'll simply assume that you got an error inserting it into the database. This is likely due to the omission of mysql_real_escape_string() on input values.
You will get an SQL error if you try INSERT ... ('O'Reilly') which is the whole point of the SQL escaping functions.
(This is why
magic_quoteswere originally introduced: to make SQL work out of the box for newcomers. - Not to make that particularly secure.)